Why not adopt me?
NAME
User::Simple - Simple user sessions management
SYNOPSIS
$usr = User::Simple->new(db => $db,
[tbl => $user_table],
[durat => $duration],
[debug => $debug] );
$ok = $usr->ck_session($session);
$ok = $usr->ck_login($login, $passwd, [$no_sess]);
$ok = $usr->set_passwd($new_pass);
$usr->end_session;
$name = $usr->name;
$login = $usr->login;
$id = $usr->id;
$session = $usr->session;
$ok = $usr->is_admin;
DESCRIPTION
User::Simple provides a very simple framework for validating users, managing their sessions and storing a minimal set of information (this is, a meaningful user login/password pair and the user's name) via a database. The sessions can be used as identifiers for i.e. cookies on a Web system. The passwords are stored as MD5 hashes (this means, the password is not stored in clear text).
User::Simple was originally developed with a PostgreSQL database in mind, but should work with any real DBMS. Sadly, this rules out DBD::CSV, DBD::XBase, DBD::Excel and many others - The user table requires the driver to implement primary keys and NOT NULL/UNIQUE constraints.
In order to create a User::Simple object, call the new argument with an active DBI (database connection) object as its only argument:
$usr = User::Simple->new(db => $db, [tbl => $table], [durat => $duration],
[debug => $debug]);
Of course, the database must have the right structure in it - please check User::Simple::Admin for more information.
The tbl
parameter is the name of the table where the user information is stored. If not specified, it defaults to 'user_simple'.
durat
is the number of minutes a user's session should last. Its default is of 30 minutes.
debug
is the verbosity level of the debugging messages - The default is 2, it accepts integers between 0 and 5 (higher means more messages). Messages of high relevance (i.e. the database failing to reflect any changes we request it to make) are shown if debug is >= 1, regular failure messages are shown if debug >= 3, absolutely everything is shown if debug == 5. Be warned that when debug is set to 5, information such as cleartext passwords will be logged as well!
Once the object is created, we can ask it to verify that a given user is valid, either by checking against a session string or against a login/password pair::
$ok = $usr->ck_session($session);
$ok = $usr->ck_login($login, $passwd, [$no_sess]);
The optional $no_sess argument should be used if we do not want to modify the current session (or to create a new session), we want only to verify the password matches (i.e. when asking for the current password as a confirmation in order to change a user's password). It will almost always be left false.
To change the user's password:
$ok = $usr->set_passwd($nvo_pass);
To end a session:
$ok = $usr->end_session;
To verify whether we have successfully validated a user:
$ok = $usr->is_valid;
To check the user's attributes (name, login and ID):
$name = $usr->name;
$login = $usr->login;
$id = $usr->id;
To check if the user has administrative access (again, see User::Simple::Admin for further details):
$ok = $usr->is_admin;
DEPENDS ON
SEE ALSO
User::Simple::Admin for administrative routines
TO DO
This module still requires a decent test suite. In order for it to become automatic, we need to be able to operate without a real RDBMS, i.e., with DBD::CSV.
I would also like to separate a bit the table structure, allowing for flexibility - This means, if you added some extra fields to the table, provide an easy way to access them. Currently, you have to reach in from outside User::Simple, skipping the abstraction, to get them.
Besides that, it works as expected (that is, as I expect ;-) )
AUTHOR
Gunnar Wolf <gwolf@gwolf.org>
COPYRIGHT
Copyright 2005 Gunnar Wolf / Instituto de Investigaciones Económicas UNAM This module is Free Software, it can be redistributed under the same terms as Perl.
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 130:
Non-ASCII character seen before =encoding in 'Económicas'. Assuming CP1252