Authenticate_User: rewritten to replace dummy

1 files changed, 38 insertions, 2 deletions

diff --git a/GradeBook_lib.tcl b/GradeBook_lib.tcl
index 4343ad8..0eeb478 100755
--- a/GradeBook_lib.tcl
+++ b/GradeBook_lib.tcl
@@ -1843,8 +1843,44 @@ proc is_User_Registered_in_Passwords_DB { user_requested } {
 }
 
 proc Authenticate_User { user_requested password } {
-	#return __non_existing_user_
-	return $user_requested
+	# return the username of authentificated user or a guest like username
+	global GradebookServerConfig
+	set err [catch {
+		sqlite3 pdb $GradebookServerConfig(passwords_db_file)
+	} errStat ]
+	if { $err } {
+		htmlErrorMsg  "Problem accessing passwords database, please, contact system administrator"
+		dbg  "$errStat with filename $GradebookServerConfig(passwords_db_file)" msg_level_critical
+		return __non_existing_user__
+	} 
+
+	dbg "access rights check for user: $user_requested" msg_level_info
+	set PasswordHash [::md5::md5 -hex $password]
+
+	if { ![ is_User_Registered_in_Passwords_DB $user_requested ] } {
+		pdb close
+		return __non_existing_user__
+	}
+
+	set eval_str [list SELECT UserName FROM PasswordsTable WHERE UserName='$user_requested' AND PasswordHash='$PasswordHash']
+	set err [catch {
+		pdb eval $eval_str valid_user_name_array {}
+	} errStat ]
+	if { $err } {
+		htmlErrorMsg  "Problem accessing passwords database, please, contact system administrator"
+		dbg  "$errStat" msg_level_critical
+	} 
+
+	if { [ info exist valid_user_name_array(UserName) ] } {
+		dbg "Credentials match for $user_requested in the passwords DB" msg_level_info
+		set user  $valid_user_name_array(UserName);
+	} else {
+		dbg "Credentials for $user_requested  do not match stored in password DB" msg_level_info
+		set user __wrong_password_user__
+	}
+	
+	pdb close
+	return $user
 }
 
 proc AccessGroupRights {db  user password } {