summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/JWebmail/Controller/Webmail.pm28
-rw-r--r--lib/JWebmail/Model/ReadMails/Role.pm4
-rw-r--r--lib/JWebmail/Plugin/Helper.pm21
3 files changed, 20 insertions, 33 deletions
diff --git a/lib/JWebmail/Controller/Webmail.pm b/lib/JWebmail/Controller/Webmail.pm
index 6754ac7..f0d45b3 100644
--- a/lib/JWebmail/Controller/Webmail.pm
+++ b/lib/JWebmail/Controller/Webmail.pm
@@ -33,6 +33,10 @@ sub auth {
return 0;
}
+ my $authConf = {user => $user, password => $pw};
+ $authConf->{challenge} = $self->app->secrets->[0] if $self->config->{session}{secure} eq 'cram';
+ $self->stash(auth => $self->users->Auth($authConf));
+
return 1;
}
@@ -114,11 +118,7 @@ sub displayheaders {
no warnings 'experimental::smartmatch';
my $self = shift;
- my $auth = $self->users->Auth(
- user => $self->session(S_USER),
- password => $self->session_passwd,
- challenge => $self->app->secrets->[0],
- );
+ my $auth = $self->stash('auth');
my $folders = _time { $self->users->folders($auth) } $self, 'user folders';
@@ -178,11 +178,7 @@ sub readmail {
my $mid = $self->stash('id');
- my $auth = $self->users->Auth(
- user => $self->session(S_USER),
- password => $self->session_passwd,
- challenge => $self->app->secrets->[0],
- );
+ my $auth = $self->stash('auth');
my $mail;
eval { $mail = $self->users->show($auth, $mid) };
@@ -203,11 +199,7 @@ sub raw {
my $mid = $self->stash('id');
- my $auth = $self->users->Auth(
- user => $self->session(S_USER),
- password => $self->session_passwd,
- challenge => $self->app->secrets->[0],
- );
+ my $auth = $self->stash('auth');
my $mail = $self->users->show($auth, $mid);
@@ -291,11 +283,7 @@ sub move {
return;
}
- my $auth = $self->users->Auth(
- user => $self->session(S_USER),
- password => $self->session_passwd,
- challenge => $self->app->secrets->[0],
- );
+ my $auth = $self->stash('auth');
my $folders = $self->users->folders($auth);
my $mm = $self->every_param('mail');
diff --git a/lib/JWebmail/Model/ReadMails/Role.pm b/lib/JWebmail/Model/ReadMails/Role.pm
index 3c6d7ee..6d41964 100644
--- a/lib/JWebmail/Model/ReadMails/Role.pm
+++ b/lib/JWebmail/Model/ReadMails/Role.pm
@@ -12,9 +12,9 @@ sub Auth {
password => {required => 1, defined => 1},
challenge => {defined => 1},
};
- my $self = @_ == 1 ? {$_[0]} : {@_};
+ my $self = @_ == 1 ? $_[0] : {@_};
- return check($AuthCheck, $self, 1) || die;
+ return check($AuthCheck, $self, 0) || die Params::Check::last_error;
}
requires(
diff --git a/lib/JWebmail/Plugin/Helper.pm b/lib/JWebmail/Plugin/Helper.pm
index c454b9f..3281d26 100644
--- a/lib/JWebmail/Plugin/Helper.pm
+++ b/lib/JWebmail/Plugin/Helper.pm
@@ -83,7 +83,8 @@ sub print_sizes2 {
sub d { qr/([[:digit:]]{$_[0]})/ }
sub parse_iso_date {
- my @d = shift =~ m/@{[d(4).'-'.d(2).'-'.d(2).'T'.d(2).':'.d(2).':'.d(2)]}/;
+ state $rx = d(4).'-'.d(2).'-'.d(2).'T'.d(2).':'.d(2).':'.d(2);
+ my @d = shift =~ m/$rx/;
if (!all { defined $_ } @d) {
# TODO
}
@@ -159,10 +160,10 @@ sub session_passwd {
warn_crypt($c);
if (defined $passwd) { # set
- if ( HMAC && lc($c->config->{'session'}{secure} || 'none') eq 'cram' ) {
+ if ( HMAC && lc($c->config->{session}{secure}) eq 'cram' ) {
$c->session(S_PASSWD() => $passwd ? b64_encode(hmac_md5($passwd, $c->app->secrets->[0]), '') : '');
}
- elsif (lc($c->config->{'session'}->{secure} || 'none') eq 's3d') {
+ elsif (lc($c->config->{session}{secure}) eq 's3d') {
unless ($passwd) {
$c->s3d(S_PASSWD, '');
delete $c->session->{S_OTP_S3D_PW()};
@@ -181,10 +182,10 @@ sub session_passwd {
}
}
else { # get
- if ( HMAC && lc($c->config->{'session'}->{secure} || 'none') eq 'cram' ) {
+ if ( HMAC && lc($c->config->{'session'}{secure}) eq 'cram' ) {
return ($c->app->secrets->[0], $c->session(S_PASSWD));
}
- elsif (lc($c->config->{'session'}->{secure} || 'none') eq 's3d') {
+ elsif (lc($c->config->{'session'}{secure}) eq 's3d') {
my $pw = b64_decode($c->s3d(S_PASSWD) || '');
my $otp = b64_decode($c->session(S_OTP_S3D_PW) || '');
my ($res) = split "\n", decode('UTF-8', $pw ^ $otp), 2;
@@ -201,11 +202,10 @@ sub warn_cram {
state $once = 0;
- if ( !HMAC && !$once && lc($c->config->{'session'}->{secure} || 'none') eq 'cram' ) {
+ if ( !HMAC && !$once && lc($c->config->{'session'}{secure}) eq 'cram' ) {
$c->log->warn("cram requires Digest::HMAC_MD5. Falling back to 'none'.");
+ $once = 1;
}
-
- $once = 1;
}
sub warn_crypt {
@@ -213,11 +213,10 @@ sub warn_crypt {
state $once = 0;
- if ( !TRUE_RANDOM && !$once && lc($c->config->{'session'}->{secure} || 'none') eq 's3d' ) {
+ if ( !TRUE_RANDOM && !$once && lc($c->config->{'session'}{secure}) eq 's3d' ) {
$c->log->warn("Falling back to pseudo random generation. Please install Crypt::Random");
+ $once = 1;
}
-
- $once = 1;
}
### pagination