Mercurial > pub > Impl
annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 201:0c018a247c8a
Reworked REST resource classes to be more transparent and intuitive
author | sergey |
---|---|
date | Tue, 24 Apr 2012 19:52:07 +0400 |
parents | 4d0e1962161c |
children |
rev | line source |
---|---|
73 | 1 package IMPL::Web::QueryHandler::SecureCookie; |
95
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
2 use strict; |
68 | 3 |
166 | 4 use parent qw(IMPL::Web::QueryHandler); |
68 | 5 use Digest::MD5 qw(md5_hex); |
6 | |
7 use IMPL::Class::Property; | |
69 | 8 use IMPL::Security::Auth qw(:Const); |
95
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
9 use IMPL::Security; |
68 | 10 |
11 BEGIN { | |
194 | 12 public property salt => prop_all; |
68 | 13 } |
14 | |
69 | 15 sub CTOR { |
194 | 16 my ($this) = @_; |
17 | |
18 $this->salt('DeadBeef') unless $this->salt; | |
69 | 19 } |
20 | |
68 | 21 sub Process { |
194 | 22 my ($this,$action,$nextHandler) = @_; |
23 | |
24 return undef unless $nextHandler; | |
25 | |
26 local $IMPL::Security::authority = $this; | |
27 | |
28 my $method = $action->query->cookie('method') || 'simple'; | |
29 | |
30 if ($method eq 'simple') { | |
31 | |
32 my $sid = $action->query->cookie('sid'); | |
33 my $cookie = $action->query->cookie('sdata'); | |
34 my $sign = $action->query->cookie('sign'); | |
35 | |
36 if ( | |
37 $sid and | |
38 $cookie and | |
39 $sign and | |
40 $sign eq md5_hex( | |
41 $this->salt, | |
42 $sid, | |
43 $cookie, | |
44 $this->salt | |
45 ) | |
46 ) { | |
47 # TODO: add a DefferedProxy to deffer a request to a data source | |
48 my $context = $action->application->security->sourceSession->find( | |
49 { id => $sid } | |
50 ) or return $nextHandler->(); | |
51 | |
52 my ($result,$challenge) = $context->auth->ValidateSession($cookie); | |
53 | |
54 if ($result == AUTH_SUCCESS) { | |
55 $context->authority($this); | |
56 return $context->Impersonate($nextHandler); | |
57 } else { | |
58 return $nextHandler->(); | |
59 } | |
60 } else { | |
61 return $nextHandler->(); | |
62 } | |
63 } else { | |
64 return $nextHandler->(); | |
65 } | |
68 | 66 } |
67 | |
95
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
68 sub WriteResponse { |
194 | 69 my ($this,$response,$sid,$cookie,$method) = @_; |
95
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
70 |
194 | 71 my $sign = md5_hex( |
72 $this->salt, | |
73 $sid, | |
74 $cookie, | |
75 $this->salt | |
76 ); | |
77 | |
78 $response->setCookie(sid => $sid); | |
79 $response->setCookie(sdata => $cookie); | |
80 $response->setCookie(sign => $sign); | |
81 $response->setCookie(method => $method) if $method; | |
95
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
82 } |
67eb8eaec3d4
Added a security authority property to the Context and Security classes
wizard
parents:
89
diff
changeset
|
83 |
75 | 84 1; |
68 | 85 |
75 | 86 __END__ |
87 | |
88 =pod | |
89 | |
90 =head1 NAME | |
91 | |
92 C<IMPL::Web::QueryHandler::SecureCookie> | |
93 | |
94 =head1 DESCRIPTION | |
95 | |
166 | 96 C<use parent qw(IMPL::Web::QueryHandler)> |
75 | 97 |
180 | 98 Возобновляет сессию пользователя на основе информации переданной через Cookie. |
75 | 99 |
180 | 100 Использует механизм подписи информации для проверки верности входных данных перед |
101 началом каких-либо действий. | |
75 | 102 |
180 | 103 Данный обработчик возвращает результат выполнения следдующего обработчика. |
75 | 104 |
105 =head1 MEMBERS | |
106 | |
107 =over | |
108 | |
109 =item C<[get,set] salt> | |
110 | |
180 | 111 Скаляр, использующийся для подписи данных. |
75 | 112 |
113 =back | |
114 | |
180 | 115 =cut |