<<

Bugzilla::Auth::Login

NAME

Bugzilla::Auth::Login - Gets username/password data from the user.

DESCRIPTION

Bugzilla::Auth::Login is used to get information that uniquely identifies a user and allows us to authorize their Bugzilla access.

It is mostly an abstract class, requiring subclasses to implement most methods.

Note that callers outside of the Bugzilla::Auth package should never create this object directly. Just create a Bugzilla::Auth object and call login on it.

LOGIN METHODS

These are methods that have to do with getting the actual login data from the user or handling a login somehow.

These methods are abstract -- they MUST be implemented by a subclass.

get_login_info()

Description: Gets a username/password from the user, or some other information that uniquely identifies them. Params: None Returns: A $login_data hashref. (See Bugzilla::Auth for details.) The hashref MUST contain: user_id *or* username If this is a login method that requires verification, the hashref MUST contain password. The hashref MAY contain realname and extern_id.

fail_nodata()

Description: This function is called when Bugzilla doesn't get a username/password and the login type is LOGIN_REQUIRED (See Bugzilla::Auth for a description of LOGIN_REQUIRED). That is, this handles AUTH_NODATA in that situation.

             This function MUST stop CGI execution when it is complete.
             That is, it must call C<exit> or C<ThrowUserError> or some
             such thing.
Params:      None
Returns:     Never Returns.

INFO METHODS

These are methods that describe the capabilities of this Bugzilla::Auth::Login object. These are all no-parameter methods that return either true or false.

can_logout

Whether or not users can log out if they logged in using this object. Defaults to true.

can_login

Whether or not users can log in through the web interface using this object. Defaults to true.

requires_persistence

Whether or not we should send the user a cookie if they logged in with this method. Defaults to true.

requires_verification

Whether or not we should check the username/password that we got from this login method. Defaults to true.

user_can_create_account

Whether or not users can create accounts, if this login method is currently being used by the system. Defaults to false.

<<