internal package
Foswiki::Users::HtPasswdUser internal package
Foswiki::Users::HtPasswdUser is a
Foswiki::Users::Password Support for htpasswd and htdigest format password files.
Subclass of[[https://damask2.mpie.de/bin/view/System/PerlDoc?module=Foswiki::Users::Password][Foswiki::Users::Password]]
.
See documentation of that class for descriptions of the methods of this class.
ObjectMethod
finish() ObjectMethod
readOnly( ) → boolean returns true if the password file is not currently modifyable
Read the password file. The content of the file is cached in the password object.
We put a shared lock while reading if requested to prevent other processes from writing while we read but still allows parallel reading. The caller must never request a shared lock if there is already an exclusive lock.
This routine implements the auto-detection code for password entries:
Type | Length | Matches | |
---|---|---|---|
htdigest-md5 | n/a | $Foswiki::cfg{AuthRealm} | (Realm has to be an exact match) |
sha1 | 33 | ^\{SHA\} |
|
crypt-md5 | 34 | ^\$1\$ |
|
apache-md5 | 37 | ^\$apr1\$ |
|
bcrypt | 60 | ^\$2a\$ |
|
crypt | 13 | next field contains an email address | |
plain | any | next field contains an email address | |
sha | (I don't recall what this encoding is, maybe an older implementation?) | ||
htdigest-md5 | any | If next field contains a md5 hash, Fallthru match in case realm changed |
Dumps the memory password database to a newline separated string
Creates a new password file, and saves the content of the internal password database to the file.
After writing the file, the cache timestamp is reset.
The umask is overridden during save, so that the password file is not world or group readable.
Will return an encrypted password. Repeated calls to encrypt with the same login/passU will return the same passE.
However if the passU is changed, and subsequently changed back to the old login/passU pair, then the old passE is no longer valid.If $fresh is true, then a new password not based on any pre-existing salt will be used. Set this if you are generating a completely new password.
ObjectMethod
fetchPass( $login ) → $passwordE Returns encrypted password if succeeds. Returns 0 if login is invalid. Returns undef otherwise.
If the $oldPassU matches matches the user's password, then it will replace it with $newPassU.
If $oldPassU is not correct and not 1, will return 0.
If $oldPassU is 1, will force the change irrespective of the existing password, adding the user if necessary.
Otherwise returns 1 on success, undef on failure.
The password file is locked for exclusive access before being updated.
ObjectMethod
removeUser( $login ) → $boolean Removes the user identified by $login from the database and saves the password file.
Returns 1 on success, undef on failure.
ObjectMethod
checkPassword( $login, $password ) → $boolean Checks the validity of $password by looking up the user in the password file, and comparing the stored hash to the computed hash of the supplied password.
Returns 1 on success, 0 on failure.
ObjectMethod
isManagingEmails() → $boolean Returns true if the password manager is managing emails. This implementaiton always returns true.
ObjectMethod
getEmails($login) → @array Looks up the user in the database, Returns a list of email addresses for the user. or returns an empty list.
ObjectMethod
setEmails($login, @emails ) → $boolean Sets the identified user $login to the list of @emails.
ObjectMethod
findUseByEmail($email ) → @array Searches the password DB for users who have set this email. and returns and array of $login identifiers.