pub/Impl: Lib/IMPL/Web/QueryHandler/SecureCookie.pm annotate

annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 229:47f77e6409f7

heavily reworked the resource model of the web application: *some ResourcesContraact functionality moved to Resource +Added CustomResource *Corrected action handlers

author	sergey
date	Sat, 29 Sep 2012 02:34:47 +0400
parents	4d0e1962161c
children

rev	line source
73 2f31ecabe9ea doc wizard parents: 69 diff changeset	1 package IMPL::Web::QueryHandler::SecureCookie;
95 67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	2 use strict;
68 739f1288ca84 Auth in progress wizard parents: diff changeset	3
166 4267a2ac3d46 Added Class::Template, wizard parents: 158 diff changeset	4 use parent qw(IMPL::Web::QueryHandler);
68 739f1288ca84 Auth in progress wizard parents: diff changeset	5 use Digest::MD5 qw(md5_hex);
739f1288ca84 Auth in progress wizard parents: diff changeset	6
739f1288ca84 Auth in progress wizard parents: diff changeset	7 use IMPL::Class::Property;
69 8c7b88bdb663 Cookie Simple auth support wizard parents: 68 diff changeset	8 use IMPL::Security::Auth qw(:Const);
95 67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	9 use IMPL::Security;
68 739f1288ca84 Auth in progress wizard parents: diff changeset	10
739f1288ca84 Auth in progress wizard parents: diff changeset	11 BEGIN {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	12 public property salt => prop_all;
68 739f1288ca84 Auth in progress wizard parents: diff changeset	13 }
739f1288ca84 Auth in progress wizard parents: diff changeset	14
69 8c7b88bdb663 Cookie Simple auth support wizard parents: 68 diff changeset	15 sub CTOR {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	16 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	17
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	18 $this->salt('DeadBeef') unless $this->salt;
69 8c7b88bdb663 Cookie Simple auth support wizard parents: 68 diff changeset	19 }
8c7b88bdb663 Cookie Simple auth support wizard parents: 68 diff changeset	20
68 739f1288ca84 Auth in progress wizard parents: diff changeset	21 sub Process {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	22 my ($this,$action,$nextHandler) = @_;
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	23
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	24 return undef unless $nextHandler;
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	25
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	26 local $IMPL::Security::authority = $this;
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	27
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	28 my $method = $action->query->cookie('method') \|\| 'simple';
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	29
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	30 if ($method eq 'simple') {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	31
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	32 my $sid = $action->query->cookie('sid');
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	33 my $cookie = $action->query->cookie('sdata');
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	34 my $sign = $action->query->cookie('sign');
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	35
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	36 if (
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	37 $sid and
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	38 $cookie and
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	39 $sign and
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	40 $sign eq md5_hex(
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	41 $this->salt,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	42 $sid,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	43 $cookie,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	44 $this->salt
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	45 )
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	46 ) {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	47 # TODO: add a DefferedProxy to deffer a request to a data source
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	48 my $context = $action->application->security->sourceSession->find(
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	49 { id => $sid }
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	50 ) or return $nextHandler->();
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	51
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	52 my ($result,$challenge) = $context->auth->ValidateSession($cookie);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	53
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	54 if ($result == AUTH_SUCCESS) {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	55 $context->authority($this);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	56 return $context->Impersonate($nextHandler);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	57 } else {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	58 return $nextHandler->();
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	59 }
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	60 } else {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	61 return $nextHandler->();
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	62 }
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	63 } else {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	64 return $nextHandler->();
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	65 }
68 739f1288ca84 Auth in progress wizard parents: diff changeset	66 }
739f1288ca84 Auth in progress wizard parents: diff changeset	67
95 67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	68 sub WriteResponse {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	69 my ($this,$response,$sid,$cookie,$method) = @_;
95 67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	70
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	71 my $sign = md5_hex(
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	72 $this->salt,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	73 $sid,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	74 $cookie,
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	75 $this->salt
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	76 );
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	77
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	78 $response->setCookie(sid => $sid);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	79 $response->setCookie(sdata => $cookie);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	80 $response->setCookie(sign => $sign);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	81 $response->setCookie(method => $method) if $method;
95 67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	82 }
67eb8eaec3d4 Added a security authority property to the Context and Security classes wizard parents: 89 diff changeset	83
75 915df8fcd16f docs wizard parents: 74 diff changeset	84 1;
68 739f1288ca84 Auth in progress wizard parents: diff changeset	85
75 915df8fcd16f docs wizard parents: 74 diff changeset	86 __END__
915df8fcd16f docs wizard parents: 74 diff changeset	87
915df8fcd16f docs wizard parents: 74 diff changeset	88 =pod
915df8fcd16f docs wizard parents: 74 diff changeset	89
915df8fcd16f docs wizard parents: 74 diff changeset	90 =head1 NAME
915df8fcd16f docs wizard parents: 74 diff changeset	91
915df8fcd16f docs wizard parents: 74 diff changeset	92 C<IMPL::Web::QueryHandler::SecureCookie>
915df8fcd16f docs wizard parents: 74 diff changeset	93
915df8fcd16f docs wizard parents: 74 diff changeset	94 =head1 DESCRIPTION
915df8fcd16f docs wizard parents: 74 diff changeset	95
166 4267a2ac3d46 Added Class::Template, wizard parents: 158 diff changeset	96 C<use parent qw(IMPL::Web::QueryHandler)>
75 915df8fcd16f docs wizard parents: 74 diff changeset	97
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	98 Возобновляет сессию пользователя на основе информации переданной через Cookie.
75 915df8fcd16f docs wizard parents: 74 diff changeset	99
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	100 Использует механизм подписи информации для проверки верности входных данных перед
d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	101 началом каких-либо действий.
75 915df8fcd16f docs wizard parents: 74 diff changeset	102
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	103 Данный обработчик возвращает результат выполнения следдующего обработчика.
75 915df8fcd16f docs wizard parents: 74 diff changeset	104
915df8fcd16f docs wizard parents: 74 diff changeset	105 =head1 MEMBERS
915df8fcd16f docs wizard parents: 74 diff changeset	106
915df8fcd16f docs wizard parents: 74 diff changeset	107 =over
915df8fcd16f docs wizard parents: 74 diff changeset	108
915df8fcd16f docs wizard parents: 74 diff changeset	109 =item C<[get,set] salt>
915df8fcd16f docs wizard parents: 74 diff changeset	110
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	111 Скаляр, использующийся для подписи данных.
75 915df8fcd16f docs wizard parents: 74 diff changeset	112
915df8fcd16f docs wizard parents: 74 diff changeset	113 =back
915df8fcd16f docs wizard parents: 74 diff changeset	114
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	115 =cut

Mercurial > pub > Impl

annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 229:47f77e6409f7