|
0
|
1 package Engine::Security::IPSession;
|
|
|
2 use strict;
|
|
|
3 use Digest::MD5 qw(md5_hex);
|
|
|
4
|
|
|
5 our %IPMap; # { IP_ADDR => {user => 'name', ClientSecData => 'ClientData', InitSecData => 'ServerData'} }
|
|
|
6
|
|
|
7 sub ReadSecData {
|
|
|
8
|
|
|
9 return $IPMap{$ENV{REMOTE_ADDR} || ''} ? $IPMap{$ENV{REMOTE_ADDR} || ''}->{ClientSecData} : undef; # avoid from create hash item
|
|
|
10 }
|
|
|
11
|
|
|
12 sub WriteSecData {
|
|
|
13 my ($class,$data) = @_;
|
|
|
14 # does nothing
|
|
|
15 }
|
|
|
16
|
|
|
17 sub ReadSSID {
|
|
|
18 my ($class,$authEngineObj) = @_;
|
|
|
19
|
|
|
20 my $ip = $ENV{REMOTE_ADDR};
|
|
|
21 return undef if not $IPMap{$ip || ''};
|
|
|
22 my $SSID = md5_hex($ip);
|
|
|
23
|
|
|
24 if (not my $session = $authEngineObj->AuthMod->DS->LoadSession($SSID)) {
|
|
|
25 my $User = $authEngineObj->AuthMod->DS->FindUser($IPMap{$ip}->{user}) or warn "can't authenticate the $ip: user not found" and return undef;
|
|
|
26 $authEngineObj->AuthMod->DS->CreateSession($SSID,$User,$authEngineObj->AuthMod->SecPackage->NewAuthData($IPMap{$ip}->{InitSecData}));
|
|
|
27 } elsif ($session->User->Name ne $IPMap{$ip}->{user}) {
|
|
|
28 # update user
|
|
|
29 my $User = $authEngineObj->AuthMod->DS->FindUser($IPMap{$ip}->{user});
|
|
|
30 if ($User) {
|
|
|
31 $session->User($User);
|
|
|
32 } else {
|
|
|
33 warn "can't authenticate the $ip: user not found";
|
|
|
34 $authEngineObj->AuthMod->DS->CloseSession($session);
|
|
|
35 }
|
|
|
36 }
|
|
|
37
|
|
|
38 return $SSID;
|
|
|
39 }
|
|
|
40
|
|
|
41 sub WriteSSID {
|
|
|
42 my ($class,$data) = @_;
|
|
|
43
|
|
|
44 #do nothing
|
|
|
45 }
|
|
|
46
|
|
|
47
|
|
|
48 1;
|
