mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2009-04-26 08:19 pm
  • Add Memory
  • Share This Entry

[dw-free] Fix Apache2 conversion of cookie auth method in authenticate routine. Also clean up this

[commit: http://hg.dwscoalition.org/dw-free/rev/4a363ba9f6aa]

Fix Apache2 conversion of cookie auth method in authenticate routine. Also
clean up this sub to follow style guidelines while I'm in there.

Patch by [staff profile] mark.

Files modified:
  • cgi-bin/ljprotocol.pl
--------------------------------------------------------------------------------
diff -r 9cc8ea02116c -r 4a363ba9f6aa cgi-bin/ljprotocol.pl
--- a/cgi-bin/ljprotocol.pl	Sun Apr 26 19:47:15 2009 +0000
+++ b/cgi-bin/ljprotocol.pl	Sun Apr 26 20:19:37 2009 +0000
@@ -2688,77 +2688,74 @@ sub check_altusage
 
 sub authenticate
 {
-    my ($req, $err, $flags) = @_;
+    my ( $req, $err, $flags ) = @_;
 
-    my $username = $req->{'username'};
-    return fail($err,200) unless $username;
-    return fail($err,100) unless LJ::canonical_username($username);
+    my $username = $req->{username};
+    return fail( $err, 200 ) unless $username;
+    return fail( $err, 100 ) unless LJ::canonical_username($username);
 
-    my $u = $flags->{'u'};
-    unless ($u) {
-        my $dbr = LJ::get_db_reader();
-        return fail($err,502) unless $dbr;
-        $u = LJ::load_user($username);
+    my $u = $flags->{u};
+    unless ( $u ) {
+        my $dbr = LJ::get_db_reader()
+            or return fail( $err, 502 );
+        $u = LJ::load_user( $username );
     }
 
-    return fail($err,100) unless $u;
-    return fail($err,100) if ($u->{'statusvis'} eq "X");
-    return fail($err,505) unless $u->{'clusterid'};
+    return fail( $err, 100 ) unless $u;
+    return fail( $err, 100 ) if $u->{statusvis} eq 'X';
+    return fail( $err, 505 ) unless $u->{clusterid};
 
-    my $r = eval { BML::get_request() };
-    my $ip;
-    if ($r) {
-        $r->notes->{ljuser} = $u->{'user'}
-            unless $r->notes->{ljuser};
-        $r->notes->{journalid} = $u->{'userid'}
-            unless $r->notes->{journalid};
-        $ip = LJ::get_remote_ip();
+    my $r = DW::Request->get;
+    my $ip = LJ::get_remote_ip();
+
+    if ( $r ) {
+        $r->note( ljuser => $u->user )
+            unless $r->note( 'ljuser' );
+        $r->note( journalid => $u->id )
+            unless $r->note( 'journalid' );
     }
 
     my $ip_banned = 0;
     my $chal_expired = 0;
     my $auth_check = sub {
 
-        my $auth_meth = $req->{'auth_method'} || "clear";
-        if ($auth_meth eq "clear") {
-            return LJ::auth_okay($u,
-                                 $req->{'password'},
-                                 $req->{'hpassword'},
-                                 $u->password,
-                                 \$ip_banned);
+        my $auth_meth = $req->{auth_method} || 'clear';
+        if ( $auth_meth eq 'clear' ) {
+            return LJ::auth_okay(
+                $u, $req->{password}, $req->{hpassword}, $u->password, \$ip_banned
+            );
         }
-        if ($auth_meth eq "challenge") {
+        if ( $auth_meth eq 'challenge' ) {
             my $chal_opts = {};
-            my $chall_ok = LJ::challenge_check_login($u,
-                                                     $req->{'auth_challenge'},
-                                                     $req->{'auth_response'},
-                                                     \$ip_banned,
-                                                     $chal_opts);
+            my $chall_ok = LJ::challenge_check_login(
+                $u, $req->{auth_challenge}, $req->{auth_response}, \$ip_banned, $chal_opts
+            );
             $chal_expired = 1 if $chal_opts->{expired};
             return $chall_ok;
         }
-        if ($auth_meth eq "cookie") {
-            return unless $r && $r->header_in("X-LJ-Auth") eq "cookie";
+        if ( $auth_meth eq 'cookie' ) {
+            return unless $r && $r->header_in( 'X-LJ-Auth' ) eq 'cookie';
+
             my $remote = LJ::get_remote();
-            return $remote && $remote->{'user'} eq $username ? 1 : 0;
+            return $remote && $remote->user eq $username ? 1 : 0;
         }
     };
 
-    unless ($flags->{'nopassword'} ||
-            $flags->{'noauth'} ||
-            $auth_check->() )
+    unless ( $flags->{nopassword} ||
+             $flags->{noauth} ||
+             $auth_check->() )
     {
-        return fail($err,402) if $ip_banned;
-        return fail($err,105) if $chal_expired;
-        return fail($err,101);
+        return fail( $err, 402 ) if $ip_banned;
+        return fail( $err, 105 ) if $chal_expired;
+        return fail( $err, 101 );
     }
 
     # if there is a require TOS revision, check for it now
-    return fail($err, 156, LJ::tosagree_str('protocol' => 'text'))
+    return fail( $err, 156, LJ::tosagree_str( protocol => 'text' ) )
         unless $u->tosagree_verify;
 
     # remember the user record for later.
-    $flags->{'u'} = $u;
+    $flags->{u} = $u;
     return 1;
 }
 
--------------------------------------------------------------------------------