Added POD and some comments.

2002-10-07 00:34:24 +00:00 · 2002-10-07 00:34:24 +00:00 · acaffcf53e
commit acaffcf53e
parent f32b071f5c
1 changed files with 158 additions and 11 deletions
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@ -30,12 +30,90 @@ use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
 # set the version for version checking
 $VERSION = 0.01;

+=head1 NAME
+
+C4::Auth - Authenticates Koha users
+
+=head1 SYNOPSIS
+
+  use CGI;
+  use C4::Auth;
+
+  $query = new CGI;
+  ($userid, $cookie, $sessionID) = &checkauth($query);
+
+=head1 DESCRIPTION
+
+This module provides authentication for Koha users.
+
+=head1 FUNCTIONS
+
+=over 2
+
+=cut
+
@ISA = qw(Exporter);
@EXPORT = qw(
 	     &checkauth
 );

+=item checkauth

+  ($userid, $cookie, $sessionID) = &checkauth($query, $noauth);
+
+Verifies that the user is authorized to run this script. Note that
+C<&checkauth> will return if and only if the user is authorized, so it
+should be called early on, before any unfinished operations (i.e., if
+you've opened a file, then C<&checkauth> won't close it for you).
+
+C<$query> is the CGI object for the script calling C<&checkauth>.
+
+The C<$noauth> argument is optional. If it is set, then no
+authorization is required for the script.
+
+C<&checkauth> fetches user and session information from C<$query> and
+ensures that the user is authorized to run scripts that require
+authorization.
+
+If C<$query> does not have a valid session ID associated with it
+(i.e., the user has not logged in) or if the session has expired,
+C<&checkauth> presents the user with a login page (from the point of
+view of the original script, C<&checkauth> does not return). Once the
+user has authenticated, C<&checkauth> restarts the original script
+(this time, C<&checkauth> returns).
+
+C<&checkauth> returns a user ID, a cookie, and a session ID. The
+cookie should be sent back to the browser; it verifies that the user
+has authenticated.
+
+=cut
+#'
+# FIXME - (Or rather, proofreadme)
+# As I understand it, the 'sessionqueries' table in the Koha database
+# is supposed to save state while the user authenticates. If
+# (re-)authentication is required, &checkauth saves the browser's
+# original call to a new entry in sessionqueries, then presents a form
+# for the user to authenticate. Once the user has authenticated
+# visself, &checkauth retrieves the stored information from
+# sessionqueries and allows the original request to proceed.
+#
+# One problem, however, is that sessionqueries only stores the URL,
+# not the various values passed along from an HTML form. Thus, if the
+# request came from a form and contains information on stuff to change
+# (e.g., modify the contents of a virtual bookshelf), but the session
+# has timed out, then when &checkauth finally allows the request to
+# proceed, it will not contain the user's modifications. This is bad.
+#
+# Another problem is that entries in sessionqueries are supposed to be
+# temporary, but there's no mechanism for removing them in case of
+# error (e.g., the user can't remember vis password and walks away, or
+# if the user's machine crashes in the middle of authentication).
+#
+# Perhaps a better implementation would be to use $query->param to get
+# the parameter with which the original script was invoked, and pass
+# that along through all of the authentication pages. That way, all of
+# the pertinent information would be preserved, and the sessionqueries
+# table could be removed.

 sub checkauth {
    my $query=shift;
@ -48,33 +126,59 @@ sub checkauth {
 				  -expires => '+1y');
 	return ($userid, $cookie, '');
    }
+
+    # Get session ID from cookie.
    my $sessionID=$query->cookie('sessionID');
+	# FIXME - Error-checking: if the user isn't allowing cookies,
+	# $sessionID will be undefined. Don't confuse this with an
+	# expired cookie.
+
    my $message='';

+    # Make sure the session ID is (still) good.
    my $dbh = C4::Context->dbh;
    my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?");
    $sth->execute($sessionID);
    if ($sth->rows) {
 	my ($userid, $ip, $lasttime) = $sth->fetchrow;
+	# FIXME - Back door for tonnensen
 	if ($lasttime<time()-45 && $userid ne 'tonnesen') {
-	    # timed logout
+	    # This session has been inactive for >45 seconds, and
+	    # doesn't belong to user tonnensen. It has expired.
 	    $message="You have been logged out due to inactivity.";
+
+	    # Remove this session ID from the list of active sessions.
+	    # FIXME - Ought to have a cron job clean this up as well.
 	    my $sti=$dbh->prepare("delete from sessions where sessionID=?");
 	    $sti->execute($sessionID);
-	    my $scriptname=$ENV{'SCRIPT_NAME'};
+
+	    # Add an entry to sessionqueries, so that we can restart
+	    # the script once the user has authenticated.
+	    my $scriptname=$ENV{'SCRIPT_NAME'};	# FIXME - Unused
 	    my $selfurl=$query->self_url();
 	    $sti=$dbh->prepare("insert into sessionqueries (sessionID, userid, value) values (?, ?, ?)");
 	    $sti->execute($sessionID, $userid, $selfurl);
+
+	    # Log the fact that someone tried to use an expired session ID.
+	    # FIXME - Ought to have a better logging mechanism,
+	    # ideally some wrapper that logs either to a
+	    # user-specified file, or to syslog, as determined by
+	    # either an entry in /etc/koha.conf, or a system
+	    # preference.
 	    open L, ">>/tmp/sessionlog";
 	    my $time=localtime(time());
 	    printf L "%20s from %16s logged out at %30s (inactivity).\n", $userid, $ip, $time;
 	    close L;
 	} elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
-	    # Different ip than originally logged in from
+	    # This session is coming from an IP address other than the
+	    # one where it was set. The user might be doing something
+	    # naughty.
 	    my $newip=$ENV{'REMOTE_ADDR'};

 	    $message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie from a different ip address.<br>(authenticated from $ip, this request from $newip)";
 	} else {
+	    # This appears to be a valid session. Update the time
+	    # stamp on it and return.
 	    my $cookie=$query->cookie(-name => 'sessionID',
 				      -value => $sessionID,
 				      -expires => '+1y');
@ -84,23 +188,42 @@ sub checkauth {
 	}
    }

-
+    # If we get this far, it's because we haven't received a cookie
+    # with a valid session ID. Need to start a new session and set a
+    # new cookie.

    if ($authnotrequired) {
+	# This script doesn't require the user to be logged in. Return
+	# just the cookie, without user ID or session ID information.
 	my $cookie=$query->cookie(-name => 'sessionID',
 				  -value => '',
 				  -expires => '+1y');
 	return('', $cookie, '');
    } else {
+	# This script requires authorization. Assume that we were
+	# given user and password information; generate a new session.
+
+	# Generate a new session ID.
 	($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
 	my $userid=$query->param('userid');
 	my $password=$query->param('password');
 	if (checkpw($dbh, $userid, $password)) {
+	    # The given password is valid
+
+	    # Delete any old copies of this session.
 	    my $sti=$dbh->prepare("delete from sessions where sessionID=? and userid=?");
 	    $sti->execute($sessionID, $userid);
+
+	    # Add this new session to the 'sessions' table.
 	    $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
 	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
+
+	    # See if there's an entry for this session ID and user in
+	    # the 'sessionqueries' table. If so, then use that entry
+	    # to generate an HTTP redirect that'll take the user to
+	    # where ve wanted to go in the first place.
 	    $sti=$dbh->prepare("select value from sessionqueries where sessionID=? and userid=?");
+			# FIXME - There is no sessionqueries.value
 	    $sti->execute($sessionID, $userid);
 	    if ($sti->rows) {
 		my $stj=$dbh->prepare("delete from sessionqueries where sessionID=?");
@ -118,6 +241,9 @@ sub checkauth {
 				      -expires => '+1y');
 	    return ($userid, $cookie, $sessionID);
 	} else {
+	    # Either we weren't given a user id and password, or else
+	    # the password was invalid.
+
 	    if ($userid) {
 		$message="Invalid userid or password entered.";
 	    }
@ -174,32 +300,53 @@ sub checkauth {
    }
 }

-
+# checkpw
+# Takes a database handle, user ID, and password, and verifies that
+# the password is good. The user ID may be either a user ID or a card
+# number.
+# Returns 1 if the password is good, or 0 otherwise.
 sub checkpw {

 # This should be modified to allow a select of authentication schemes (ie LDAP)
 # as well as local authentication through the borrowers tables passwd field
 #
    my ($dbh, $userid, $password) = @_;
-    my $sth=$dbh->prepare("select password from borrowers where userid=?");
+    my $sth;
+
+    # Try the user ID.
+    $sth = $dbh->prepare("select password from borrowers where userid=?");
    $sth->execute($userid);
    if ($sth->rows) {
 	my ($md5password) = $sth->fetchrow;
 	if (md5_base64($password) eq $md5password) {
-	    return 1;
+	    return 1;		# The password matches
 	}
    }
-    # FIXME - There's already a $sth in this scope.
-    my $sth=$dbh->prepare("select password from borrowers where cardnumber=?");
+
+    # Try the card number.
+    $sth = $dbh->prepare("select password from borrowers where cardnumber=?");
    $sth->execute($userid);
    if ($sth->rows) {
 	my ($md5password) = $sth->fetchrow;
 	if (md5_base64($password) eq $md5password) {
-	    return 1;
+	    return 1;		# The password matches
 	}
    }
-    return 0;
+    return 0;		# Either there's no such user, or the password
+			# doesn't match.
 }


 END { }       # module clean-up code here (global destructor)
+
+1;
+__END__
+=back
+
+=head1 SEE ALSO
+
+L<CGI(3)|CGI>
+
+L<Digest::MD5(3)|Digest::MD5>
+
+=cut