From 657e96693fb11ec6f451a683e2862e1be239beab Mon Sep 17 00:00:00 2001
From: Chip Black
Date: Sat, 21 Feb 2015 01:19:26 -0600
Subject: [PATCH] Add auth counter to perl library
---
 lib/perl/Blerg-Database/Database.xs | 10 ++++++++++
 lib/perl/Blerg-Database/lib/Blerg/Database.pm | 7 +++++++
 lib/perl/Blerg-Database/t/auth.t | 12 +++++++++++-
 3 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/lib/perl/Blerg-Database/Database.xs b/lib/perl/Blerg-Database/Database.xs
index e3614db..536bbe1 100644
--- a/lib/perl/Blerg-Database/Database.xs
+++ b/lib/perl/Blerg-Database/Database.xs
@@ -200,3 +200,13 @@ char * auth_login(const char *username, const char *password)
 int auth_logout(const char *username, const char *token)
 int auth_check_token(const char *username, const char *given_token)
+
+void auth_get_counter(const char *username)
+ INIT:
+ uint32_t counter = 0;
+ PPCODE:
+ if (auth_get_counter(username, &counter)) {
+ XPUSHs(sv_2mortal(newSVuv(counter)));
+ } else {
+ XSRETURN_UNDEF;
+ }
diff --git a/lib/perl/Blerg-Database/lib/Blerg/Database.pm b/lib/perl/Blerg-Database/lib/Blerg/Database.pm
index 3c4ad12..b75b3f7 100644
--- a/lib/perl/Blerg-Database/lib/Blerg/Database.pm
+++ b/lib/perl/Blerg-Database/lib/Blerg/Database.pm
@@ -277,6 +277,13 @@ Checks that the token represents a valid session for the given username. Returns 1 if the session is valid, 0 otherwise. Also resets the expiration time of the session.
+=item auth_get_counter(username)
+
+Gets an opaque "counter" value for the auth information of the given username.
+This counter is changed every time the authentication information is changed,
+making it useful for protecting password changes against replay attacks.
+Returns a 32-bit integer on success, or undef on failure.
+
 =back
 =head1 CONSTRUCTOR
diff --git a/lib/perl/Blerg-Database/t/auth.t b/lib/perl/Blerg-Database/t/auth.t
index e932cc4..2977409 100644
--- a/lib/perl/Blerg-Database/t/auth.t
+++ b/lib/perl/Blerg-Database/t/auth.t
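Review bot: In the Database.xs hunk, the failure branch of `auth_get_counter` uses `XSRETURN_UNDEF;` under `PPCODE:`, which hands back a one-element list `(undef)` when the XSUB is called in list context. A caller that writes `my ($counter) = Blerg::Database::auth_get_counter($user) or ...` would then see a true list assignment and treat a failed lookup as success, which matters for a value meant to guard password changes. Consider `XSRETURN_EMPTY;` in the else branch, which still yields undef in scalar context, or state in the POD that the function is to be called in scalar context only. The XSUB also treats any non-zero result of the C `auth_get_counter(username, &counter)` as success; that function is outside this patch, so its return convention is worth confirming.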
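Review bot: The `auth_get_counter` POD added to Database.pm says the counter protects password changes against replay, but it does not say how a caller is expected to use the value or what it must not be used for. The getter takes only a username, so the value is readable without a session token; a sentence such as `The counter is not a secret and must not be treated as a credential.` would stop callers from relying on it as one. It would also help to document the intended check, for example that a change request carries the counter seen earlier and is rejected when it no longer matches; that usage is inferred from the description, so confirm it against the calling code before adding it.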
@@ -2,7 +2,7 @@ use File::Path qw/remove_tree/;
 use strict;
 use warnings;
-use Test::More tests => 17;
+use Test::More tests => 21;
 BEGIN { use_ok('Blerg::Database') };
 ### Setup
@@ -49,9 +49,19 @@ ok( not defined $token );
 isnt( Blerg::Database::auth_logout($test_user, 'badtoken'), 1 );
 isnt( Blerg::Database::auth_logout('fakeuser', 'badtoken'), 1 );
+my $counter1 = Blerg::Database::auth_get_counter('fakeuser');
+ok( !defined $counter1 );
+
+$counter1 = Blerg::Database::auth_get_counter($test_user);
+ok( defined $counter1 );
+isnt( $counter1, 0);
+
 Blerg::Database::auth_set_password($test_user, $password . 'X');
 ok( Blerg::Database::auth_check_password($test_user, $password . 'X') );
+my $counter2 = Blerg::Database::auth_get_counter($test_user);
+ok( $counter1 != $counter2 );
+
 END {
 chdir;
 remove_tree "/tmp/blerg_test_$$";
-- 
2.25.1
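Review bot: In the second t/auth.t hunk, `ok( $counter1 != $counter2 );` also passes when `$counter2` is undef, because undef compares numerically as 0 and the earlier `isnt( $counter1, 0)` already requires `$counter1` to be non-zero. A failed lookup after the password change would therefore be reported as a changed counter, with only an "uninitialized value" warning. Add `ok( defined $counter2 );` before the comparison and raise the plan in the first hunk from 21 to 22. The `isnt( $counter1, 0)` assertion pins a non-zero value although the POD describes the counter as opaque, so either the POD should say 0 is reserved or the assertion should go. The END block that closes the file continues outside the hunk.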