From: erickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Mon, 10 Nov 2008 18:21:25 +0000 (+0000)
Subject: added user password verify method.  pass in the md5sum of the pw, return true if... 
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=0760aff26e7dcd5c6ac6d43bd96d2ef7b42c7dd5;p=Evergreen.git

added user password verify method.  pass in the md5sum of the pw, return true if it's a match with the in-DB password

git-svn-id: svn://svn.open-ils.org/ILS/trunk@11118 dcc99617-32d9-48b4-a31d-7c20da2025e4
---

diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
index b187291a43..64a2dc2007 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
@@ -2961,5 +2961,32 @@ sub retrieve_org_hours {
 }
 
 
+__PACKAGE__->register_method (
+	method		=> 'verify_user_password',
+	api_name	=> 'open-ils.actor.verify_user_password',
+	signature	=> q/
+        Given a barcode or username and the MD5 encoded password, 
+        returns 1 if the password is correct.  Returns 0 otherwise.
+	/
+);
+
+sub verify_user_password {
+    my($self, $conn, $auth, $barcode, $username, $password) = @_;
+    my $e = new_editor(authtoken => $auth);
+	return $e->die_event unless $e->checkauth;
+    my $user;
+    if($barcode) {
+        my $card = $e->search_actor_card([
+            {barcode => $barcode},
+            {flesh => 1, flesh_fields => {ac => ['usr']}}])->[0] or return 0;
+        $user = $card->usr;
+    } else {
+        $user = $e->search_actor_user({usrname => $username})->[0] or return 0;
+    }
+    return $e->event unless $e->allowed('VIEW_USER', $user->home_ou);
+    return 1 if $user->passwd eq $password;
+    return 0;
+}
+
 1;