From: Tomas Doran <bobtfish@bobtfish.net>
Date: Tue, 28 Apr 2009 12:35:52 +0000 (+0000)
Subject: Initial idea - make the user class instance have a closure which when called will... 
X-Git-Tag: v0.1006~9^2
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=57e643d28afe2c8479ba2591327231003d8c4687;p=catagits%2FCatalyst-Authentication-Store-LDAP.git

Initial idea - make the user class instance have a closure which when called will retrieve an LDAP connection bound as the user, not so pleasant, but better than saving the password in the user object in plaintext..
---

diff --git a/lib/Catalyst/Authentication/Store/LDAP/User.pm b/lib/Catalyst/Authentication/Store/LDAP/User.pm
index aa40d03..527ee47 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/User.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/User.pm
@@ -51,7 +51,7 @@ use warnings;
 
 our $VERSION = '0.1004';
 
-BEGIN { __PACKAGE__->mk_accessors(qw/user store/) }
+BEGIN { __PACKAGE__->mk_accessors(qw/user store _ldap_connection/) }
 
 use overload '""' => sub { shift->stringify }, fallback => 1;
 
@@ -139,10 +139,13 @@ sub check_password {
         'forauth' );
     if ( defined($ldap) ) {
         if ($self->store->role_search_as_user) {
+            # FIXME - This can be removed and made to use the code below..
             # Have to do the role lookup _now_, as this is the only time
             # that we have the user's password/ldap bind..
             $self->roles($ldap);
         }
+        # Stash a closure which can be used to retrieve the connection in the users context later.
+        $self->_ldap_connection( sub { $self->store->ldap_bind( undef, $self->ldap_entry->dn, $password ) } );
         return 1;
     }
     else {