Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Tie::Htpasswd

by kayos (Sexton)
on Apr 25, 2000 at 21:04 UTC ( #9034=sourcecode: print w/ replies, xml ) Need Help??

Category: CGI programming
Author/Contact Info T.R. Fullhart, kayos@kayos.org
Description:

If you have a "membership" area that uses HTTP Basic Auth, then you probably have to edit the .htpasswd file pretty often. This module let's you treat the .htpasswd file as a Tied hash.

This module uses Apache::Htpasswd.

Example:

use Tie::Htpasswd; tie %htpasswd, 'Tie::Htpasswd', "/home/httpd/htdocs/.htpasswd"; $htpasswd{username} = "password"; # assignment automatically crypt() +s delete $htpasswd{username}; # removed from .htpasswd untie %htpasswd; # save the file
# $Id: Htpasswd.pm,v 1.3 2000/05/24 20:27:48 kayos Exp $
package Tie::Htpasswd;

use strict;
use vars qw($VERSION);
use Apache::Htpasswd;

$VERSION = sprintf("%d.%02d",q$Revision: 1.3 $ =~ /(\d+)\.(\d+)/);

my $F_FILENAME = 0;
my $F_DATA = 1;

sub TIEHASH {
        my ($pkg, $filename) = @_;
        my $obj = [];

        $obj->[$F_FILENAME] = $filename;
        $obj->[$F_DATA] = new Apache::Htpasswd($filename);

        return (bless $obj, $pkg);      
}

sub FETCH {
        my ($self,$key) = @_;
        return $self->[$F_DATA]->fetchPass($key);
}

sub STORE {
        my ($self,$key,$value) = @_;
        if($self->[$F_DATA]->fetchPass($key)) {
                $self->[$F_DATA]->htpasswd($key,$value,1);
        } else {
                $self->[$F_DATA]->htpasswd($key,$value);
        }
        return $self->[$F_DATA]->fetchPass($key);
}

sub DELETE {
        my ($self,$key) = @_;
        my $prev_value = $self->[$F_DATA]->fetchPass($key);
        $self->[$F_DATA]->htDelete($key);
        return $prev_value;
}

sub EXISTS {
        my ($self,$key) = @_;
        my $result = $self->[$F_DATA]->fetchPass($key);
        return ( $result );
}

sub DESTROY {
        my ($self) = @_;
        undef $self->[$F_DATA];
}

1;

Comment on Tie::Htpasswd
Download Code
RE: Tie::Htpasswd
by KM (Priest) on May 20, 2000 at 04:03 UTC
    One thing you are not doing is using any type of locking in this module. This can present a race condition if more than one instance of this script is running at the same time. This can be a common mistake, and may not be so horrible when this wipes out someones hit counter, but a password file is something different. Take a look at MJD's Perl Hardware Store talks at http://conferences.oreilly.com/cd/perl3/presentations/mdominus/HARDWARE1/slide020.html (and a few slides after that one).

    You may also want to consider having the module import and use some of the methods from Apache::Htpasswd, which already has a locking scheme.

    Another possible problem is that you do not re-read the password file before writing it. If you script opens the file, and while it does other things another process writes to the file, you will wipe out whatever changes were made. The DESTROY function should only change what is needed, as opposed to writing out whatever you have saved. Consider this:

    • * Tie::Htpasswd reads in the file data in TIEHASH
    • * someone runs htpasswd and adds a new user or two
    • * Tie::Htpasswd::DESTROY() is called, and rewrites the file with the data based on what was read in in TIEHASH.
    • * Data is now not what it should be.

      Thanks. I was just going to add locking and all that, so I decided to check out Perl Monks to see if anyone commented on it. I'll check out Apache::Htpasswd.

Back to Code Catacombs

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: sourcecode [id://9034]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (7)
As of 2014-12-27 04:10 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls