internal package Foswiki::Users::HtPasswdUser

See PublishedAPI for packages intended to be used by Plugin and Contrib authors, or browse all packages.
See also Developing plugins, Developer's Bible, Technical Overview

internal package Foswiki::Users::HtPasswdUser is a Foswiki::Users::Password

Support for htpasswd and htdigest format password files.

Subclass of [[http://bugzilla.i2u2.org/bin/view/System/PerlDoc?module=Foswiki::Users::Password][Foswiki::Users::Password]]. See documentation of that class for descriptions of the methods of this class.

ObjectMethod finish()

Break circular references.

ObjectMethod readOnly( ) → boolean

returns true if the password file is not currently modifyable

_readPasswd ( $lock, $cache );

Read the password file. The content of the file is cached in the password object.

We put a shared lock while reading if requested to prevent other processes from writing while we read but still allows parallel reading. The caller must never request a shared lock if there is already an exclusive lock.

  • if $lockShared is true, a shared lock is requested./
  • if $cache is true, the in-memory cache will be returned if available.

This routine implements the auto-detection code for password entries:

Type Length Matches
htdigest-md5 n/a $Foswiki::cfg{AuthRealm} (Realm has to be an exact match)
sha1 33 ^\{SHA\}
crypt-md5 34 ^\$1\$
apache-md5 37 ^\$apr1\$
bcrypt 60 ^\$2a\$
crypt 13   next field contains an email address
plain any   next field contains an email address
sha     (I don't recall what this encoding is, maybe an older implementation?)
htdigest-md5 any   If next field contains a md5 hash, Fallthru match in case realm changed

_dumpPasswd( $db ) -> $boolean

Dumps the memory password database to a newline separated string

_savePasswd( $db ) -> $passwordE

Creates a new password file, and saves the content of the internal password database to the file.

After writing the file, the cache timestamp is reset.

The umask is overridden during save, so that the password file is not world or group readable.

encrypt( $login, $passwordU, $fresh ) -> $passwordE

Will return an encrypted password. Repeated calls to encrypt with the same login/passU will return the same passE.

However if the passU is changed, and subsequently changed back to the old login/passU pair, then the old passE is no longer valid.

If $fresh is true, then a new password not based on any pre-existing salt will be used. Set this if you are generating a completely new password.

ObjectMethod fetchPass( $login ) → $passwordE

Implements Foswiki::Password

Returns encrypted password if succeeds. Returns 0 if login is invalid. Returns undef otherwise.

setPassword( $login, $newPassU, $oldPassU ) -> $boolean

If the $oldPassU matches matches the user's password, then it will replace it with $newPassU.

If $oldPassU is not correct and not 1, will return 0.

If $oldPassU is 1, will force the change irrespective of the existing password, adding the user if necessary.

Otherwise returns 1 on success, undef on failure.

The password file is locked for exclusive access before being updated.

ObjectMethod removeUser( $login ) → $boolean

Removes the user identified by $login from the database and saves the password file.

Returns 1 on success, undef on failure.

ObjectMethod checkPassword( $login, $password ) → $boolean

Checks the validity of $password by looking up the user in the password file, and comparing the stored hash to the computed hash of the supplied password.

Returns 1 on success, 0 on failure.

ObjectMethod isManagingEmails() → $boolean

Returns true if the password manager is managing emails. This implementaiton always returns true.

ObjectMethod getEmails($login) → @array

Looks up the user in the database, Returns a list of email addresses for the user. or returns an empty list.

ObjectMethod setEmails($login, @emails ) → $boolean

Sets the identified user $login to the list of @emails.

ObjectMethod findUseByEmail($email ) → @array

Searches the password DB for users who have set this email. and returns and array of $login identifiers.

Topic revision: r1 - 2014-11-21, ProjectContributor
This site is powered by FoswikiCopyright © by the contributing authors. All material on this site is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback