Except that the last commit prevents "worked, but there are warnings"...

This version should allow postauth to succeed but still set lasterr to indicate warning conditions.
2012-03-19 10:31:12 +00:00 · 2012-03-19 10:31:12 +00:00 · 779a4ca040
commit 779a4ca040
parent e8475547c5
2 changed files with 13 additions and 7 deletions
--- a/AppUser.pm
+++ b/AppUser.pm
@ -233,7 +233,7 @@ sub set_user_authmethod {
 # ============================================================================
 #  Post-auth functions.

-## @method $ post_authenticate($username)
+## @method $ post_authenticate($username, $auth)
 # Perform any system-specific post-authentication tasks on the specified
 # user's data. This function allows each system to tailor post-auth tasks
 # to the requirements of the system.
@ -245,11 +245,13 @@ sub set_user_authmethod {
 #       desirable, subclasses may wish to override this function completely.
 #
 # @param username The username of the user to update the user_auth field for.
+# @param auth     A reference to the auth object calling this.
 # @return A reference to a hash containing the user's data on success,
 #         otherwise an error message.
 sub post_authenticate {
    my $self     = shift;
    my $username = shift;
+    my $auth     = shift;

    # Determine whether the user exists. If not, create the user.
    my $user = $self -> get_user($username);
@ -264,7 +266,10 @@ sub post_authenticate {
        $user = $self -> get_user($username);
    }

-    return "User addition failed" if(!$user);
+    if(!$user) {
+        $auth -> {"lasterr"} .= "User addition failed.";
+        return undef;
+    }

    # Touch the user's record...
    my $pokeh = $self -> {"dbh"} -> prepare("UPDATE ".$self -> {"settings"} -> {"database"} -> {"users"}."
--- a/Auth.pm
+++ b/Auth.pm
@ -232,12 +232,13 @@ sub valid_user {
    # invoke the app standard post-auth for the user, and return the user's
    # database record.
    if($valid) {
-        my $success = $self -> {"app"} -> post_authenticate($username);
-        $self -> {"lasterr"} = $success if(!ref($success)); # If postauth returned an error, store it.
+        # If postauth fails, treat the user as invalid
+        if($self -> {"app"} -> post_authenticate($username, $self)) {
+            $self -> {"app"} -> set_user_authmethod($username, $authmethod);

-        $self -> {"app"} -> set_user_authmethod($username, $authmethod);
-
-        return $self -> {"app"} -> get_user($username);
+            return $self -> {"app"} -> get_user($username);
+        }
+        return undef;
    }

    $self -> {"lasterr"} = "Invalid username or password specified.";