annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 87:6d3bca490556

small fixes in the security moodules
author wizard
date Mon, 19 Apr 2010 23:20:46 +0400
parents 915df8fcd16f
children 3d1f584aea60
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
73
wizard
parents: 69
diff changeset
1 package IMPL::Web::QueryHandler::SecureCookie;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
2
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
3 use base qw(IMPL::Web::QueryHandler);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
4 use Digest::MD5 qw(md5_hex);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
5
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
6 use IMPL::Class::Property;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
7 use IMPL::Security::Auth qw(:Const);
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
8
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
9 BEGIN {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
10 public property salt => prop_all;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
11 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
12
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
13 sub CTOR {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
14 my ($this) = @_;
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
15
75
wizard
parents: 74
diff changeset
16 $this->salt('DeadBeef') unless $this->salt;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
17 }
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
18
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
19 sub Process {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
20 my ($this,$action,$nextHandler) = @_;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
21
75
wizard
parents: 74
diff changeset
22 return undef unless $nextHandler;
wizard
parents: 74
diff changeset
23
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
24 my $method = $action->query->cookie('method') || 'simple';
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
25
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
26 if ($method eq 'simple') {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
27
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
28 my $sid = $action->query->cookie('sid');
75
wizard
parents: 74
diff changeset
29 my $cookie = $action->query->cookie('sdata');
wizard
parents: 74
diff changeset
30 my $sign = $action->query->cookie('sign');
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
31
75
wizard
parents: 74
diff changeset
32 if (
wizard
parents: 74
diff changeset
33 $sid and
wizard
parents: 74
diff changeset
34 $cookie and
wizard
parents: 74
diff changeset
35 $sign and
wizard
parents: 74
diff changeset
36 $sign eq md5_hex(
wizard
parents: 74
diff changeset
37 $this->salt,
wizard
parents: 74
diff changeset
38 $sid,
wizard
parents: 74
diff changeset
39 $cookie,
wizard
parents: 74
diff changeset
40 $this->salt
wizard
parents: 74
diff changeset
41 )
wizard
parents: 74
diff changeset
42 ) {
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
43
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
44 my $context = $action->application->security->Session(
73
wizard
parents: 69
diff changeset
45 id => $sid
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
46 );
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
47
74
wizard
parents: 73
diff changeset
48 my ($result,$challenge) = $context->auth->ValidateSession($cookie);
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
49
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
50 if ($result == AUTH_SUCCESS) {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
51 return $context->Impersonate($nextHandler);
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
52 } else {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
53 return $nextHandler->();
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
54 }
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
55 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
56 } else {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
57 die new IMPL::Exception("Unknown auth method",$method);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
58 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
59 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
60
75
wizard
parents: 74
diff changeset
61 1;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
62
75
wizard
parents: 74
diff changeset
63 __END__
wizard
parents: 74
diff changeset
64
wizard
parents: 74
diff changeset
65 =pod
wizard
parents: 74
diff changeset
66
wizard
parents: 74
diff changeset
67 =head1 NAME
wizard
parents: 74
diff changeset
68
wizard
parents: 74
diff changeset
69 C<IMPL::Web::QueryHandler::SecureCookie>
wizard
parents: 74
diff changeset
70
wizard
parents: 74
diff changeset
71 =head1 DESCRIPTION
wizard
parents: 74
diff changeset
72
wizard
parents: 74
diff changeset
73 C<use base qw(IMPL::Web::QueryHandler)>
wizard
parents: 74
diff changeset
74
wizard
parents: 74
diff changeset
75 Возобновляет сессию пользователя на основе информации переданной через Cookie.
wizard
parents: 74
diff changeset
76
wizard
parents: 74
diff changeset
77 Использует механизм подписи информации для проверки верности входных данных перед
wizard
parents: 74
diff changeset
78 началом каких-либо действий.
wizard
parents: 74
diff changeset
79
wizard
parents: 74
diff changeset
80 Данный обработчик возвращает результат выполнения следдующего обработчика.
wizard
parents: 74
diff changeset
81
wizard
parents: 74
diff changeset
82 =head1 MEMBERS
wizard
parents: 74
diff changeset
83
wizard
parents: 74
diff changeset
84 =over
wizard
parents: 74
diff changeset
85
wizard
parents: 74
diff changeset
86 =item C<[get,set] salt>
wizard
parents: 74
diff changeset
87
wizard
parents: 74
diff changeset
88 Скаляр, использующийся для подписи данных.
wizard
parents: 74
diff changeset
89
wizard
parents: 74
diff changeset
90 =back
wizard
parents: 74
diff changeset
91
wizard
parents: 74
diff changeset
92 =cut