<<

Bugzilla::Auth::Login

NAME

Bugzilla::Auth::Login - Gets username/password data from the user.

DESCRIPTION

Bugzilla::Auth::Login is used to get information that uniquely identifies a user and allows us to authorize their Bugzilla access.

It is mostly an abstract class, requiring subclasses to implement most methods.

Note that callers outside of the Bugzilla::Auth package should never create this object directly. Just create a Bugzilla::Auth object and call login on it.

LOGIN METHODS

These are methods that have to do with getting the actual login data from the user or handling a login somehow.

These methods are abstract -- they MUST be implemented by a subclass.

get_login_info()

Description: Gets a username/password from the user, or some other information that uniquely identifies them. Params: None Returns: A $login_data hashref. (See Bugzilla::Auth for details.) The hashref MUST contain: user_id *or* username If this is a login method that requires verification, the hashref MUST contain password. The hashref MAY contain realname and extern_id.

fail_nodata()

Description: This function is called when Bugzilla doesn't get a username/password and the login type is LOGIN_REQUIRED (See Bugzilla::Auth for a description of LOGIN_REQUIRED). That is, this handles AUTH_NODATA in that situation.

             This function MUST stop CGI execution when it is complete.
             That is, it must call C<exit> or C<ThrowUserError> or some
             such thing.
Params:      None
Returns:     Never Returns.

INFO METHODS

These are methods that describe the capabilities of this Bugzilla::Auth::Login object. These are all no-parameter methods that return either true or false.

can_logout

Whether or not users can log out if they logged in using this object. Defaults to true.

can_login

Whether or not users can log in through the web interface using this object. Defaults to true.

requires_persistence

Whether or not we should send the user a cookie if they logged in with this method. Defaults to true.

requires_verification

Whether or not we should check the username/password that we got from this login method. Defaults to true.

user_can_create_account

Whether or not users can create accounts, if this login method is currently being used by the system. Defaults to false.

is_automatic

True if this login method requires no interaction from the user within Bugzilla. (For example, Env auth is "automatic" because the webserver just passes us an environment variable on most page requests, and does not ask the user for authentication information directly in Bugzilla.) Defaults to false.

extern_id_used

Whether or not this login method uses the extern_id field. If used, users with editusers permission will be be allowed to edit the extern_id for all users.

The default value is 0.

<<