From 510359683dbfee5000ef1470f7d7ead55bf56066 Mon Sep 17 00:00:00 2001 From: Eugeniy Mikhailov Date: Sat, 21 Jan 2012 17:34:35 -0500 Subject: Authenticate_User: rewritten to replace dummy --- GradeBook_lib.tcl | 40 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 38 insertions(+), 2 deletions(-) diff --git a/GradeBook_lib.tcl b/GradeBook_lib.tcl index 4343ad8..0eeb478 100755 --- a/GradeBook_lib.tcl +++ b/GradeBook_lib.tcl @@ -1843,8 +1843,44 @@ proc is_User_Registered_in_Passwords_DB { user_requested } { } proc Authenticate_User { user_requested password } { - #return __non_existing_user_ - return $user_requested + # return the username of authentificated user or a guest like username + global GradebookServerConfig + set err [catch { + sqlite3 pdb $GradebookServerConfig(passwords_db_file) + } errStat ] + if { $err } { + htmlErrorMsg "Problem accessing passwords database, please, contact system administrator" + dbg "$errStat with filename $GradebookServerConfig(passwords_db_file)" msg_level_critical + return __non_existing_user__ + } + + dbg "access rights check for user: $user_requested" msg_level_info + set PasswordHash [::md5::md5 -hex $password] + + if { ![ is_User_Registered_in_Passwords_DB $user_requested ] } { + pdb close + return __non_existing_user__ + } + + set eval_str [list SELECT UserName FROM PasswordsTable WHERE UserName='$user_requested' AND PasswordHash='$PasswordHash'] + set err [catch { + pdb eval $eval_str valid_user_name_array {} + } errStat ] + if { $err } { + htmlErrorMsg "Problem accessing passwords database, please, contact system administrator" + dbg "$errStat" msg_level_critical + } + + if { [ info exist valid_user_name_array(UserName) ] } { + dbg "Credentials match for $user_requested in the passwords DB" msg_level_info + set user $valid_user_name_array(UserName); + } else { + dbg "Credentials for $user_requested do not match stored in password DB" msg_level_info + set user __wrong_password_user__ + } + + pdb close + return $user } proc AccessGroupRights {db user password } { -- cgit v1.2.3