From: Marius Gavrilescu Date: Sat, 8 Feb 2014 20:47:54 +0000 (+0200) Subject: Add authentication cache X-Git-Url: http://git.ieval.ro/?a=commitdiff_plain;h=37bc8c4416b152ad3ab5e0c6e9e24b1f94848295;p=gruntmaster-page.git Add authentication cache --- diff --git a/app.psgi b/app.psgi index 5bed878..b1bd530 100644 --- a/app.psgi +++ b/app.psgi @@ -7,6 +7,7 @@ use Gruntmaster::Data; use Plack::App::Gruntmaster; use Plack::Builder; use Plack::Request; +use Digest::SHA qw/sha256/; $Apache2::AuthzCaps::rootdir = $Apache2::Authen::Passphrase::rootdir; my $word = qr,(\w+),a; @@ -42,12 +43,23 @@ sub require_admin { } } +my %authen_cache; + sub authenticate { my ($user, $pass, $env) = @_; + my $cache_key = sha256 "$user:$pass"; + my $time = $authen_cache{$cache_key} // 0; + if ($time >= time - 300) { + return 1; + } else { + delete $authen_cache{$cache_key}; + } + return unless eval { pwcheck $user, $pass; 1 }; + $authen_cache{$cache_key} = time; return if $env->{'gruntmaster.reqadmin'} && !hascaps $user, 'gmadm'; 1