annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 134:44977efed303

Significant performance optimizations Fixed recursion problems due converting objects to JSON Added cache support for the templates Added discovery feature for the web methods
author wizard
date Mon, 21 Jun 2010 02:39:53 +0400
parents 964587c5183c
children a9f4ba4783eb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
73
wizard
parents: 69
diff changeset
1 package IMPL::Web::QueryHandler::SecureCookie;
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
2 use strict;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
3
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
4 use base qw(IMPL::Web::QueryHandler);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
5 use Digest::MD5 qw(md5_hex);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
6
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
7 use IMPL::Class::Property;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
8 use IMPL::Security::Auth qw(:Const);
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
9 use IMPL::Security;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
10
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
11 BEGIN {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
12 public property salt => prop_all;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
13 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
14
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
15 sub CTOR {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
16 my ($this) = @_;
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
17
75
wizard
parents: 74
diff changeset
18 $this->salt('DeadBeef') unless $this->salt;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
19 }
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
20
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
21 sub Process {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
22 my ($this,$action,$nextHandler) = @_;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
23
75
wizard
parents: 74
diff changeset
24 return undef unless $nextHandler;
wizard
parents: 74
diff changeset
25
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
26 local $IMPL::Security::authority = $this;
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
27
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
28 my $method = $action->query->cookie('method') || 'simple';
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
29
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
30 if ($method eq 'simple') {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
31
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
32 my $sid = $action->query->cookie('sid');
75
wizard
parents: 74
diff changeset
33 my $cookie = $action->query->cookie('sdata');
wizard
parents: 74
diff changeset
34 my $sign = $action->query->cookie('sign');
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
35
75
wizard
parents: 74
diff changeset
36 if (
wizard
parents: 74
diff changeset
37 $sid and
wizard
parents: 74
diff changeset
38 $cookie and
wizard
parents: 74
diff changeset
39 $sign and
wizard
parents: 74
diff changeset
40 $sign eq md5_hex(
wizard
parents: 74
diff changeset
41 $this->salt,
wizard
parents: 74
diff changeset
42 $sid,
wizard
parents: 74
diff changeset
43 $cookie,
wizard
parents: 74
diff changeset
44 $this->salt
wizard
parents: 74
diff changeset
45 )
wizard
parents: 74
diff changeset
46 ) {
89
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
47 my $context = $action->application->security->sourceSession->find(
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
48 { id => $sid }
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
49 ) or return $nextHandler->();
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
50
74
wizard
parents: 73
diff changeset
51 my ($result,$challenge) = $context->auth->ValidateSession($cookie);
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
52
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
53 if ($result == AUTH_SUCCESS) {
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
54 $context->authority($this);
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
55 return $context->Impersonate($nextHandler);
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
56 } else {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
57 return $nextHandler->();
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
58 }
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
59 } else {
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
60 return $nextHandler->();
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
61 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
62 } else {
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
63 return $nextHandler->();
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
64 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
65 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
66
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
67 sub WriteResponse {
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
68 my ($this,$response,$sid,$cookie,$method) = @_;
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
69
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
70 my $sign = md5_hex(
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
71 $this->salt,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
72 $sid,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
73 $cookie,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
74 $this->salt
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
75 );
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
76
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
77 $response->setCookie(sid => $sid);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
78 $response->setCookie(sdata => $cookie);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
79 $response->setCookie(sign => $sign);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
80 $response->setCookie(method => $method) if $method;
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
81 }
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
82
75
wizard
parents: 74
diff changeset
83 1;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
84
75
wizard
parents: 74
diff changeset
85 __END__
wizard
parents: 74
diff changeset
86
wizard
parents: 74
diff changeset
87 =pod
wizard
parents: 74
diff changeset
88
wizard
parents: 74
diff changeset
89 =head1 NAME
wizard
parents: 74
diff changeset
90
wizard
parents: 74
diff changeset
91 C<IMPL::Web::QueryHandler::SecureCookie>
wizard
parents: 74
diff changeset
92
wizard
parents: 74
diff changeset
93 =head1 DESCRIPTION
wizard
parents: 74
diff changeset
94
wizard
parents: 74
diff changeset
95 C<use base qw(IMPL::Web::QueryHandler)>
wizard
parents: 74
diff changeset
96
wizard
parents: 74
diff changeset
97 Возобновляет сессию пользователя на основе информации переданной через Cookie.
wizard
parents: 74
diff changeset
98
wizard
parents: 74
diff changeset
99 Использует механизм подписи информации для проверки верности входных данных перед
wizard
parents: 74
diff changeset
100 началом каких-либо действий.
wizard
parents: 74
diff changeset
101
wizard
parents: 74
diff changeset
102 Данный обработчик возвращает результат выполнения следдующего обработчика.
wizard
parents: 74
diff changeset
103
wizard
parents: 74
diff changeset
104 =head1 MEMBERS
wizard
parents: 74
diff changeset
105
wizard
parents: 74
diff changeset
106 =over
wizard
parents: 74
diff changeset
107
wizard
parents: 74
diff changeset
108 =item C<[get,set] salt>
wizard
parents: 74
diff changeset
109
wizard
parents: 74
diff changeset
110 Скаляр, использующийся для подписи данных.
wizard
parents: 74
diff changeset
111
wizard
parents: 74
diff changeset
112 =back
wizard
parents: 74
diff changeset
113
wizard
parents: 74
diff changeset
114 =cut