package Apache2::Authen::Passphrase;
-our $VERSION = 0.002001;
-
use 5.014000;
use strict;
use warnings;
use parent qw/Exporter/;
use subs qw/OK HTTP_UNAUTHORIZED/;
-use constant +{
- USER_REGEX => qr/^\w{2,20}$/pa,
- PASSPHRASE_VERSION => 1,
- INVALID_USER => "invalid-user\n",
- BAD_PASSWORD => "bad-password\n",
-};
+our $VERSION = 0.002001;
+
+use constant USER_REGEX => qr/^\w{2,20}$/pas;
+use constant PASSPHRASE_VERSION => 1;
+use constant INVALID_USER => "invalid-user\n";
+use constant BAD_PASSWORD => "bad-password\n";
use if $ENV{MOD_PERL}, 'Apache2::RequestRec';
use if $ENV{MOD_PERL}, 'Apache2::Access';
##################################################
-our $rootdir //= $ENV{AAP_ROOTDIR};
+our $rootdir;
+$rootdir //= $ENV{AAP_ROOTDIR};
sub pwhash{
my ($pass)=@_;
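Review bot: The `/s` flag added on the new `use constant USER_REGEX` line has no effect, because the pattern contains no `.`, and the `$` anchor still matches before a trailing newline, so a name such as "ab\n" passes validation. pwcheck later reassigns `$user` from `${^MATCH}`, which drops the newline, but any other code that only tests a name against the constant would keep the raw value. Anchoring with `\A` and `\z` makes the check exact: `use constant USER_REGEX => qr/\A\w{2,20}\z/pas;`. The pwhash body that opens at the end of this span continues outside the visible lines.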
sub pwcheck{
my ($user, $pass)=@_;
- die INVALID_USER unless $user =~ USER_REGEX;
+ die INVALID_USER unless $user =~ USER_REGEX; ## no critic (RequireCarping)
$user=${^MATCH};# Make taint shut up
my $conf=LoadFile "$rootdir/$user.yml";
+ ## no critic (RequireCarping)
die BAD_PASSWORD unless keys $conf;# Empty hash means no such user
die BAD_PASSWORD unless Authen::Passphrase->from_rfc2307($conf->{passphrase})->match($pass);
+ ## use critic
pwset $user, $pass if $conf->{passphrase_version} < PASSPHRASE_VERSION
}
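Review bot: `keys $conf`, between the new `## no critic` and `## use critic` markers in pwcheck, calls `keys` on a hash reference. That was an experimental feature introduced in Perl 5.14 and removed in 5.24, where it is a compile-time error, so the module will not load on current perls. Since this commit is already tidying the function for perlcritic, the line is worth changing to `die BAD_PASSWORD unless keys %$conf;`. A one-line comment above the `## no critic` block, for example `# die with the bare constants so callers can compare the message exactly`, would record why carping is suppressed, if that is indeed the reason.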