projects
/
plack-middleware-auth-complex.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add perlcritic tests and make code compliant
[plack-middleware-auth-complex.git]
/
lib
/
Plack
/
Middleware
/
Auth
/
Complex.pm
diff --git
a/lib/Plack/Middleware/Auth/Complex.pm
b/lib/Plack/Middleware/Auth/Complex.pm
index fe545482597db1e9ed2c1f1e8737b61842c69550..6ef8769f03c9075bc00c4f03000c5bcb042a23eb 100644
(file)
--- a/
lib/Plack/Middleware/Auth/Complex.pm
+++ b/
lib/Plack/Middleware/Auth/Complex.pm
@@
-5,13
+5,14
@@
use strict;
use warnings;
our $VERSION = '0.000_001';
use warnings;
our $VERSION = '0.000_001';
-$VERSION = eval $VERSION; # see L<perlmodstyle>
use parent qw/Plack::Middleware/;
use parent qw/Plack::Middleware/;
+use re '/s';
use Authen::Passphrase;
use Authen::Passphrase::BlowfishCrypt;
use Bytes::Random::Secure qw/random_bytes/;
use Authen::Passphrase;
use Authen::Passphrase::BlowfishCrypt;
use Bytes::Random::Secure qw/random_bytes/;
+use Carp qw/croak/;
use DBI;
use Digest::SHA qw/hmac_sha1_base64 sha256/;
use Email::Simple;
use DBI;
use Digest::SHA qw/hmac_sha1_base64 sha256/;
use Email::Simple;
@@
-30,7
+31,7
@@
sub default_opts {(
cache_fail => 0,
cache_max_age => 5 * 60,
token_max_age => 60 * 60,
cache_fail => 0,
cache_max_age => 5 * 60,
token_max_age => 60 * 60,
- username_regex => qr/^\w{2,20}$/a,
+ username_regex => qr/^\w{2,20}$/a
s
,
register_url => '/action/register',
passwd_url => '/action/passwd',
request_reset_url => '/action/request-reset',
register_url => '/action/register',
passwd_url => '/action/passwd',
request_reset_url => '/action/request-reset',
@@
-48,11
+49,11
@@
sub new {
sub init {
my ($self) = @_;
sub init {
my ($self) = @_;
- $self->{dbh} = DBI->connect(@{$self->{dbi_connect}}) or
die
$DBI::errstr;
+ $self->{dbh} = DBI->connect(@{$self->{dbi_connect}}) or
croak
$DBI::errstr;
$self->{post_connect_cb}->($self) if $self->{post_connect_cb}; # uncoverable branch false
$self->{post_connect_cb}->($self) if $self->{post_connect_cb}; # uncoverable branch false
- $self->{insert_sth} = $self->{dbh}->prepare($self->{insert_user}) or
die
$self->{dbh}->errstr;
- $self->{select_sth} = $self->{dbh}->prepare($self->{select_user}) or
die
$self->{dbh}->errstr;
- $self->{update_sth} = $self->{dbh}->prepare($self->{update_pass}) or
die
$self->{dbh}->errstr;
+ $self->{insert_sth} = $self->{dbh}->prepare($self->{insert_user}) or
croak
$self->{dbh}->errstr;
+ $self->{select_sth} = $self->{dbh}->prepare($self->{select_user}) or
croak
$self->{dbh}->errstr;
+ $self->{update_sth} = $self->{dbh}->prepare($self->{update_pass}) or
croak
$self->{dbh}->errstr;
}
sub create_user {
}
sub create_user {
@@
-63,13
+64,14
@@
sub create_user {
sub get_user {
my ($self, $user) = @_;
sub get_user {
my ($self, $user) = @_;
- $self->{select_sth}->execute($user) or
die
$self->{sth}->errstr;
+ $self->{select_sth}->execute($user) or
croak
$self->{sth}->errstr;
$self->{select_sth}->fetchrow_hashref
}
sub check_passphrase {
my ($self, $username, $passphrase) = @_;
unless ($self->{cache}) {
$self->{select_sth}->fetchrow_hashref
}
sub check_passphrase {
my ($self, $username, $passphrase) = @_;
unless ($self->{cache}) {
+ ## no critic (ProhibitTies)
tie my %cache, 'Tie::Hash::Expire', {expire_seconds => $self->{cache_max_age}};
$self->{cache} = \%cache;
}
tie my %cache, 'Tie::Hash::Expire', {expire_seconds => $self->{cache_max_age}};
$self->{cache} = \%cache;
}
@@
-108,7
+110,7
@@
sub mail_body {
my ($self, $username, $token) = @_;
my $hours = $self->{token_max_age} / 60 / 60;
$hours .= $hours == 1 ? ' hour' : ' hours'; # uncoverable branch false
my ($self, $username, $token) = @_;
my $hours = $self->{token_max_age} / 60 / 60;
$hours .= $hours == 1 ? ' hour' : ' hours'; # uncoverable branch false
- <<
EOF
;
+ <<
"EOF"
;
Someone has requested a password reset for your account.
To reset your password, please submit the reset password form on the
Someone has requested a password reset for your account.
To reset your password, please submit the reset password form on the
@@
-175,7
+177,7
@@
sub call_register {
return $self->bad_request("Missing parameter $_") unless $parms{$_};
}
return $self->bad_request("Missing parameter $_") unless $parms{$_};
}
- return $self->bad_request('Username must match ' . $self->{username_regex}) unless $parms{username} =~
/$self->{username_regex}/
;
+ return $self->bad_request('Username must match ' . $self->{username_regex}) unless $parms{username} =~
$self->{username_regex}
;
return $self->bad_request('Username already in use') if $self->get_user($parms{username});
return $self->bad_request('The two passwords do not match') unless $parms{password} eq $parms{confirm_password};
return $self->bad_request('Username already in use') if $self->get_user($parms{username});
return $self->bad_request('The two passwords do not match') unless $parms{password} eq $parms{confirm_password};
@@
-203,13
+205,11
@@
sub call_request_reset {
return $self->internal_server_error('Password resets are disabled') unless $self->{mail_from};
my $username = $req->param('username');
my $user = $self->get_user($username) or return $self->bad_request('No such user');
return $self->internal_server_error('Password resets are disabled') unless $self->{mail_from};
my $username = $req->param('username');
my $user = $self->get_user($username) or return $self->bad_request('No such user');
- my $ok = 0;
eval {
$self->send_reset_email($username);
eval {
$self->send_reset_email($username);
- $ok = 1;
- };
- return $self->reply('Email sent') if $ok;
- return $self->internal_server_error($@);
+ 1
+ } or return $self->internal_server_error($@);
+ $self->reply('Email sent');
}
sub call_reset {
}
sub call_reset {
@@
-222,7
+222,7
@@
sub call_reset {
my $user = $self->get_user($parms{username}) or return $self->bad_request('No such user');
return $self->bad_request('The two passwords do not match') unless $parms{new_password} eq $parms{confirm_new_password};
my $user = $self->get_user($parms{username}) or return $self->bad_request('No such user');
return $self->bad_request('The two passwords do not match') unless $parms{new_password} eq $parms{confirm_new_password};
- my ($token, $exp) = split
':'
, $parms{token};
+ my ($token, $exp) = split
/:/
, $parms{token};
my $goodtoken = $self->make_reset_hmac($parms{username}, $exp);
return $self->bad_request('Bad reset token') unless $token eq $goodtoken;
return $self->bad_request('Reset token has expired') if time >= $exp;
my $goodtoken = $self->make_reset_hmac($parms{username}, $exp);
return $self->bad_request('Bad reset token') unless $token eq $goodtoken;
return $self->bad_request('Reset token has expired') if time >= $exp;
@@
-384,7
+384,7
@@
Password reset token validity, in seconds. Defaults to 1 hour.
=item username_regex
Regular expression that matches valid usernames. Defaults to
=item username_regex
Regular expression that matches valid usernames. Defaults to
-C<qr/^\w{2,20}$/a>.
+C<qr/^\w{2,20}$/a
s
>.
=item register_url
=item register_url
This page took
0.012893 seconds
and
4
git commands to generate.