5.7.5. Bugzilla::Auth::Login

5.7.5.1. NAME

Bugzilla::Auth::Login - Gets username/password data from the user.

5.7.5.2. DESCRIPTION

Bugzilla::Auth::Login is used to get information that uniquely identifies a user and allows us to authorize their Bugzilla access.

It is mostly an abstract class, requiring subclasses to implement most methods.

Note that callers outside of the Bugzilla::Auth package should never create this object directly. Just create a Bugzilla::Auth object and call login on it.

5.7.5.3. LOGIN METHODS

These are methods that have to do with getting the actual login data from the user or handling a login somehow.

These methods are abstract – they MUST be implemented by a subclass.

  • get_login_info()
Description: Gets a username/password from the user, or some other
information that uniquely identifies them.

Params: None Returns: A $login_data hashref. (See Bugzilla::Auth for details.)

The hashref MUST contain: user_id *or* usernameIf this is a login method that requires verification, the hashref MUST contain password. The hashref MAY contain realname and extern_id.
  • fail_nodata()
Description: This function is called when Bugzilla doesn’t get
a username/password and the login type is LOGIN_REQUIRED(See Bugzilla::Auth for a description of LOGIN_REQUIRED). That is, this handles AUTH_NODATA in that situation.
             This function MUST stop CGI execution when it is complete.
             That is, it must call C<exit> or C<ThrowUserError> or some
             such thing.
Params:      None
Returns:     Never Returns.

5.7.5.4. INFO METHODS

These are methods that describe the capabilities of this Bugzilla::Auth::Login object. These are all no-parameter methods that return either true or false.

  • can_logout
Whether or not users can log out if they logged in using this object. Defaults to true.
  • can_login
Whether or not users can log in through the web interface using this object. Defaults to true.
  • requires_persistence
Whether or not we should send the user a cookie if they logged in with this method. Defaults to true.
  • requires_verification
Whether or not we should check the username/password that we got from this login method. Defaults to true.
  • user_can_create_account
Whether or not users can create accounts, if this login method is currently being used by the system. Defaults to false.
  • extern_id_used

Whether or not this login method uses the extern_id field. If used, users with editusers permission will be be allowed to edit the extern_id for all users.

The default value is 0.

This documentation undoubtedly has bugs; if you find some, please file them here.