Fix administrator handling.

Actually use admins table for authentication of reseller and admin.
Save pass as md5 hash (should be bcrypt at some point!)
Display proper user name in view.

lib/NGCP/Panel.pm

@@ -109,33 +109,27 @@ __PACKAGE__->config(
         reseller => {
             credential => {
                 class => 'Password',
-                password_field => 'password',
-                password_type => 'clear'
+                password_field => 'md5pass',
+                password_type => 'hashed',
+                password_hash_type => 'MD5'
             },
             store => {
-                class => 'Minimal',
-                users => {
-                    reseller => {
-                        password => 'reseller',
-                        roles => [qw/reseller/],
-                    }
-                }
+                class => 'DBIx::Class',
+                user_model => 'billing::admins',
+                id_field => 'id',
             }
         },
         admin => {
             credential => {
                 class => 'Password',
-                password_field => 'password',
-                password_type => 'clear'
+                password_field => 'md5pass',
+                password_type => 'hashed',
+                password_hash_type => 'MD5'
             },
             store => {
-                class => 'Minimal',
-                users => {
-                    administrator => {
-                        password => 'administrator',
-                        roles => [qw/administrator/],
-                    },
-                }
+                class => 'DBIx::Class',
+                user_model => 'billing::admins',
+                id_field => 'id',
             }
         }
     }

lib/NGCP/Panel/Controller/Administrator.pm

@@ -4,6 +4,7 @@ use namespace::sweep;
 BEGIN { extends 'Catalyst::Controller'; }
 use NGCP::Panel::Form::Administrator qw();
 use NGCP::Panel::Utils qw();
+use Digest::MD5 qw(md5_hex);
 
 sub list_admin :PathPart('administrator') :Chained('/') :CaptureArgs(0) {
     my ($self, $c) = @_;
@@ -50,6 +51,7 @@ sub create :Chained('list_admin') :PathPart('create') :Args(0) {
     if ($form->validated) {
         try {
             delete $form->params->{save};
+	    $form->params->{md5pass} = md5_hex($form->params->{md5pass});
             $c->model('billing')->resultset('admins')->create($form->params);
             $c->flash(messages => [{type => 'success', text => 'Administrator created.'}]);
             $c->response->redirect($c->uri_for);
@@ -93,6 +95,9 @@ sub edit :Chained('base') :PathPart('edit') :Args(0) {
             # flatten nested hashref instead of recursive update
             $form_values->{reseller_id} = delete $form_values->{reseller}{id};
             delete $form_values->{reseller};
+	    if($form_values->{md5pass} and length $form_values->{md5pass}) {
+	    	$form_values->{md5pass} = md5_hex($form_values->{md5pass});
+	    }
             $c->stash->{admins}->search_rs({ id => $form_values->{id} })->update($form_values);
             $c->flash(messages => [{type => 'success', text => 'Administrator changed.'}]);
         } catch($e) {

lib/NGCP/Panel/Controller/Login.pm

@@ -42,7 +42,42 @@ sub index :Path Form {
         my $user = $form->field('username')->value;
         my $pass = $form->field('password')->value;
         $c->log->debug("*** Login::index user=$user, pass=$pass, realm=$realm");
-        if($c->authenticate({ username => $user, password => $pass }, $realm)) {
+        my $res;
+        if($realm eq 'admin') {
+            $res = $c->authenticate(
+                {
+                    login => $user, 
+                    md5pass => $pass,
+                    'dbix_class' => {
+                        searchargs => [{
+                            -and => [
+                                login => $user,
+                                is_active => 1, 
+                                reseller_id => 1 
+                            ],
+                        }],
+                    }
+                }, 
+                $realm);
+        } elsif($realm eq 'reseller') {
+            $res = $c->authenticate(
+                {
+                    login => $user, 
+                    md5pass => $pass,
+                    'dbix_class' => {
+                        searchargs => [{
+                            -and => [ 
+                                login => $user,
+                                is_active => 1, 
+                                reseller_id => { '>' => 1 } 
+                            ],
+                        }],
+                    }
+                }, 
+                $realm);
+        }
+
+        if($res) {
             # auth ok
             my $target = $c->session->{'target'} || '/';
             delete $c->session->{target};

share/layout/body.tt

@@ -29,7 +29,8 @@
                     </li>
                 </ul>
                 <ul class="pull-right">
-                    <li><a href="javascript:;"><i class="icon-user"></i> Logged in as [% c.user.id %]</a></li>
+                <!-- [% USE Dumper; Dumper.dump(c.user); %] -->
+                    <li><a href="javascript:;"><i class="icon-user"></i> Logged in as [% c.user.login %]</a></li>
                     <li><a href="javascript:;"><span class="badge badge-primary">1</span> New Message</a></li>
                     <li class="dropdown">
                         <a href="./pages/settings.html" class="dropdown-toggle" data-toggle="dropdown">