Bugzilla::Auth::Verify - An object that verifies usernames and passwords.
Bugzilla::Auth::Verify provides the "Verifier" part of the Bugzilla login process. (For details, see the "STRUCTURE" section of Bugzilla::Auth.)
It is mostly an abstract class, requiring subclasses to implement most methods.
Note that callers outside of the Bugzilla::Auth
package should never create this object directly.
Just create a Bugzilla::Auth
object and call login
on it.
These are the methods that have to do with the actual verification.
Subclasses MUST implement these methods.
check_credentials($login_data)
Description: Checks whether or not a username is valid.
Params: $login_data - A $login_data
hashref,
as described in Bugzilla::Auth.
This $login_data
hashref MUST contain username
,
and SHOULD also contain password
.
Returns: A $login_data
hashref with bz_username
set.
This method may also set realname
.
It must avoid changing anything that is already set.
These are methods that change data in the actual authentication backend.
These methods are optional, they do not have to be implemented by subclasses.
create_or_update_user($login_data)
Description: Automatically creates a user account in the database if it doesn't already exist,
or updates the account data if $login_data
contains newer information.
Params: $login_data - A $login_data
hashref,
as described in Bugzilla::Auth.
This $login_data
hashref MUST contain either user_id
,
bz_username
,
or username
.
If both username
and bz_username
are specified,
bz_username
is used as the login name of the user to create in the database.
It MAY also contain extern_id
,
in which case it still MUST contain bz_username
or username
.
It MAY contain password
and realname
.
Returns: A hashref with one element,
user
,
which is a Bugzilla::User object.
May also return a login error as described in Bugzilla::Auth.
Note: This method is not abstract,
it is actually implemented and creates accounts in the Bugzilla database.
Subclasses should probably all call the Bugzilla::Auth::Verify
version of this function at the end of their own create_or_update_user
.
change_password($user,
$password)
Description: Modifies the user's password in the authentication backend. Params: $user - A Bugzilla::User object representing the user whose password we want to change. $password - The user's new password. Returns: Nothing.
These are methods that describe the capabilities of this object.
These are all no-parameter methods that return either true
or false
.
user_can_create_account
Whether or not users can manually create accounts in this type of account source.
Defaults to true
.
extern_id_used
Whether or not this verifier method uses the extern_id field. If used, users with editusers permission will be be allowed to edit the extern_id for all users.
The default value is false
.