ProductOpener::Users - manage user profiles and sessions
ProductOpener::Users contains functions to create and edit user profiles and to manage user sessions.
use ProductOpener::Users qw/:all/; [..] init_user($request_ref);
[..]
generate_token()
Generates a secure random token used as a session ID. More information: https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#Session_ID_Content_.28or_Value.29
Used to create a new session ID.
create_password_hash()
Takes $password and hashes it using scrypt.
This function hashes the user's password using scrypt, a salted password hashing function. Salting adds a random sequence of data to each password before it is hashed, so that identical passwords produce different hashes. Hashing turns the password into a random-looking, fixed-length string using a one-way algorithm.
$password : String
Returns the salted hash.
check_password_hash()
Turns $password into a hash using md5 or scrypt and compares it to $hash.
This function takes the hash generated by create_password_hash() and the input password string. It hashes the input password with md5 or scrypt and verifies that the result matches the stored password hash. If the stored hash matches the input-password hash, it returns 1; otherwise it returns 0.
Takes two strings: $password and $hash generated by create_password_hash()
Boolean: This function returns 1/0 (true or false)
delete_user()
Creates a background job to delete the user
Takes in the $user_ref of the user to be deleted
delete_user_task()
Background task that deletes a user. This function removes the user's files and email address, and re-assigns the user's product edits to openfoodfacts-contributors-[random number].
Minion job arguments: $args_ref contains the userid and email.
Checks whether the user with the given user ID is an admin.
Takes the user ID.
Boolean: This function returns a 1/0 (True or False)
This method checks a new org entry for a user.
Warning: it has the side effect of immediately listing the user in the org and removing them from any previous one. If new_org is empty, the user is removed from the previous org.
It also creates the org if it does not yet exist.
It should be called only by an admin.
check_user_form()
This method checks and validates the different entries in the user form. It also handles spam usernames and the fields for organization accounts.
It is then used by process_user_form.
edit / add / delete
Notify the admin that a user requested to be part of an org.
Is the org newly created?
The request object.
A user requested to be part of a producer organization; process the request.
Process user form.
To be used after check_user_form
edit / add / delete
This sets pro_moderator_owner according to the request parameter, in both the $User global and $user_ref.
This variable indicates that a moderator or admin is acting on the pro platform on behalf of a specific company.
We used to use crypt instead of scrypt to store hashed passwords. If the user logs in with a correct password, we can update the stored password hash to scrypt.
Remove the oldest session if too many sessions are open for a user.
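The password-hashing, verification and hash-upgrade behaviour described for create_password_hash(), check_password_hash() and the crypt-to-scrypt migration, written as an added Python example rather than the module's own Perl code. The "md5$"/"scrypt$" prefixes, the password_hash key and the login() helper are assumptions made for this example.

```python
import hashlib
import hmac
import os
import secrets

# scrypt cost parameters (assumed for this example; tune for your hardware)
SCRYPT_N, SCRYPT_R, SCRYPT_P, DKLEN = 2**14, 8, 1, 32


def generate_token(nbytes=32):
    """Secure random session token: 256 bits from the OS CSPRNG, hex encoded."""
    return secrets.token_hex(nbytes)


def create_password_hash(password, salt=None):
    """Salted scrypt hash; a fresh 16-byte salt is drawn per password."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
    return "scrypt$" + salt.hex() + "$" + dk.hex()


def legacy_md5_hash(password):
    """Constructed stand-in for the old unsalted md5 format (legacy only)."""
    return "md5$" + hashlib.md5(password.encode("utf-8")).hexdigest()


def check_password_hash(password, stored):
    """Re-hash the input with the scheme of the stored hash; compare in constant time."""
    scheme, _, rest = stored.partition("$")
    if scheme == "scrypt":
        salt_hex, _, dk_hex = rest.partition("$")
        candidate = hashlib.scrypt(password.encode("utf-8"), salt=bytes.fromhex(salt_hex),
                                   n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
        return hmac.compare_digest(candidate, bytes.fromhex(dk_hex))
    if scheme == "md5":
        candidate = hashlib.md5(password.encode("utf-8")).hexdigest()
        return hmac.compare_digest(candidate, rest)
    return False  # unknown scheme: never accept


def login(user_ref, password):
    """Verify the password; on success, upgrade a legacy hash to scrypt in place."""
    if not check_password_hash(password, user_ref["password_hash"]):
        return False
    if not user_ref["password_hash"].startswith("scrypt$"):
        user_ref["password_hash"] = create_password_hash(password)
    return True
```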
Generate a session cookie.
Session cookie.
Open a session, store it in the user object, and return a cookie with the session id in the request object.
The cookie is returned in $request_ref
This sub introduces a server option to whitelist IPs for all cookies.