internal package Foswiki::Users::Password

See PublishedAPI for packages intended to be used by Plugin and Contrib authors, or browse all packages.
See also Developing plugins, Developer's Bible, Technical Overview

Perl Module:

Child packagesChild packages

internal package Foswiki::Users::Password

Base class of all password handlers. Default behaviour is no passwords, so anyone can be anyone they like.

The methods of this class should be overridded by subclasses that want to implement other password handling methods.

ClassMethod new( $session ) → $object

Constructs a new password handler of this type, referring to $session for any required Foswiki services.

ObjectMethod finish()

Break circular references.

ObjectMethod readOnly( ) → boolean

returns true if the password database is not currently modifyable also needs to set $this->{session}->enter_context('passwords_modifyable'); if you want to be able to use the existing TopicUserMappingContrib ChangePassword topics

ObjectMethod fetchPass( $login ) → $passwordE

Implements Foswiki::Password

Returns encrypted password if succeeds. Returns 0 if login is invalid. Returns undef otherwise.

ObjectMethod checkPassword( $login, $passwordU ) → $boolean

Finds if the password is valid for the given user.

Returns 1 on success, undef on failure.

ObjectMethod removeUser( $login ) → $boolean

Delete the users entry.

ObjectMethod setPassword( $login, $newPassU, $oldPassU ) → $boolean

If the $oldPassU matches matches the user's password, then it will replace it with $newPassU.

If $oldPassU is not correct and not 1, will return 0.

If $oldPassU is 1, will force the change irrespective of the existing password, adding the user if necessary.

Otherwise returns 1 on success, undef on failure.

encrypt( $login, $passwordU, $fresh ) -> $passwordE

Will return an encrypted password. Repeated calls to encrypt with the same login/passU will return the same passE.

However if the passU is changed, and subsequently changed back to the old login/passU pair, then the old passE is no longer valid.

If $fresh is true, then a new password not based on any pre-existing salt will be used. Set this if you are generating a completely new password.

ObjectMethod error() → $string

Return any error raised by the last method call, or undef if the last method call succeeded.

ObjectMethod isManagingEmails() → $boolean

Determines if this manager can store and retrieve emails. The password manager is used in preference to the user mapping manager for storing emails, on the basis that emails need to be secure, and the password database is the most secure place. If a password manager does not manage emails, then Foswiki will fall back to using the user mapping manager (which by default will store emails in user topics)

The default ('none') password manager does not manage emails.

ObjectMethod getEmails($login) → @emails

Fetch the email address(es) for the given login. Default behaviour is to return an empty list. Called by Users.pm. Only used if isManagingEmails -> true.

ObjectMethod setEmails($login, @emails) → $boolean

Set the email address(es) for the given login name. Returns true if the emails were set successfully. Default behaviour is a nop, which will result in the user mapping manager taking over. Called by Users.pm. Only used if isManagingEmails -> true.

ObjectMethod findUserByEmail($email) → \@users

Returns an array of login names that relate to a email address. Defaut behaviour is a nop, which will result in the user mapping manager being asked for its opinion. If subclass implementations return a value for this, then the user mapping manager will not be asked. Only used if isManagingEmails -> true.

Called by Users.pm.

ObjectMethod canFetchUsers() → boolean

returns true if the fetchUsers method is implemented and can return an iterator of users. returns undef / nothing in this case, as we are unable to generate a list of users

ObjectMethod fetchUsers() → $iterator

returns an Iterator of loginnames from the password source. If AllowLoginNames is false this is used to remove the need for a WikiUsers topic.