mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2009-04-26 08:19 pm

[dw-free] Fix Apache2 conversion of cookie auth method in authenticate routine. Also clean up this

[commit: http://hg.dwscoalition.org/dw-free/rev/4a363ba9f6aa]

Fix Apache2 conversion of cookie auth method in authenticate routine. Also
clean up this sub to follow style guidelines while I'm in there.

Patch by [staff profile] mark.

Files modified:
  • cgi-bin/ljprotocol.pl
--------------------------------------------------------------------------------
diff -r 9cc8ea02116c -r 4a363ba9f6aa cgi-bin/ljprotocol.pl
--- a/cgi-bin/ljprotocol.pl	Sun Apr 26 19:47:15 2009 +0000
+++ b/cgi-bin/ljprotocol.pl	Sun Apr 26 20:19:37 2009 +0000
@@ -2688,77 +2688,74 @@ sub check_altusage
 
 sub authenticate
 {
-    my ($req, $err, $flags) = @_;
+    my ( $req, $err, $flags ) = @_;
 
-    my $username = $req->{'username'};
-    return fail($err,200) unless $username;
-    return fail($err,100) unless LJ::canonical_username($username);
+    my $username = $req->{username};
+    return fail( $err, 200 ) unless $username;
+    return fail( $err, 100 ) unless LJ::canonical_username($username);
 
-    my $u = $flags->{'u'};
-    unless ($u) {
-        my $dbr = LJ::get_db_reader();
-        return fail($err,502) unless $dbr;
-        $u = LJ::load_user($username);
+    my $u = $flags->{u};
+    unless ( $u ) {
+        my $dbr = LJ::get_db_reader()
+            or return fail( $err, 502 );
+        $u = LJ::load_user( $username );
     }
 
-    return fail($err,100) unless $u;
-    return fail($err,100) if ($u->{'statusvis'} eq "X");
-    return fail($err,505) unless $u->{'clusterid'};
+    return fail( $err, 100 ) unless $u;
+    return fail( $err, 100 ) if $u->{statusvis} eq 'X';
+    return fail( $err, 505 ) unless $u->{clusterid};
 
-    my $r = eval { BML::get_request() };
-    my $ip;
-    if ($r) {
-        $r->notes->{ljuser} = $u->{'user'}
-            unless $r->notes->{ljuser};
-        $r->notes->{journalid} = $u->{'userid'}
-            unless $r->notes->{journalid};
-        $ip = LJ::get_remote_ip();
+    my $r = DW::Request->get;
+    my $ip = LJ::get_remote_ip();
+
+    if ( $r ) {
+        $r->note( ljuser => $u->user )
+            unless $r->note( 'ljuser' );
+        $r->note( journalid => $u->id )
+            unless $r->note( 'journalid' );
     }
 
     my $ip_banned = 0;
     my $chal_expired = 0;
     my $auth_check = sub {
 
-        my $auth_meth = $req->{'auth_method'} || "clear";
-        if ($auth_meth eq "clear") {
-            return LJ::auth_okay($u,
-                                 $req->{'password'},
-                                 $req->{'hpassword'},
-                                 $u->password,
-                                 \$ip_banned);
+        my $auth_meth = $req->{auth_method} || 'clear';
+        if ( $auth_meth eq 'clear' ) {
+            return LJ::auth_okay(
+                $u, $req->{password}, $req->{hpassword}, $u->password, \$ip_banned
+            );
         }
-        if ($auth_meth eq "challenge") {
+        if ( $auth_meth eq 'challenge' ) {
             my $chal_opts = {};
-            my $chall_ok = LJ::challenge_check_login($u,
-                                                     $req->{'auth_challenge'},
-                                                     $req->{'auth_response'},
-                                                     \$ip_banned,
-                                                     $chal_opts);
+            my $chall_ok = LJ::challenge_check_login(
+                $u, $req->{auth_challenge}, $req->{auth_response}, \$ip_banned, $chal_opts
+            );
             $chal_expired = 1 if $chal_opts->{expired};
             return $chall_ok;
         }
-        if ($auth_meth eq "cookie") {
-            return unless $r && $r->header_in("X-LJ-Auth") eq "cookie";
+        if ( $auth_meth eq 'cookie' ) {
+            return unless $r && $r->header_in( 'X-LJ-Auth' ) eq 'cookie';
+
             my $remote = LJ::get_remote();
-            return $remote && $remote->{'user'} eq $username ? 1 : 0;
+            return $remote && $remote->user eq $username ? 1 : 0;
         }
     };
 
-    unless ($flags->{'nopassword'} ||
-            $flags->{'noauth'} ||
-            $auth_check->() )
+    unless ( $flags->{nopassword} ||
+             $flags->{noauth} ||
+             $auth_check->() )
     {
-        return fail($err,402) if $ip_banned;
-        return fail($err,105) if $chal_expired;
-        return fail($err,101);
+        return fail( $err, 402 ) if $ip_banned;
+        return fail( $err, 105 ) if $chal_expired;
+        return fail( $err, 101 );
     }
 
     # if there is a require TOS revision, check for it now
-    return fail($err, 156, LJ::tosagree_str('protocol' => 'text'))
+    return fail( $err, 156, LJ::tosagree_str( protocol => 'text' ) )
         unless $u->tosagree_verify;
 
     # remember the user record for later.
-    $flags->{'u'} = $u;
+    $flags->{u} = $u;
     return 1;
 }
 
--------------------------------------------------------------------------------

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org