pub/Impl: Lib/IMPL/Web/Handler/SecureCookie.pm annotate

annotate Lib/IMPL/Web/Handler/SecureCookie.pm @ 238:b8c724f6de36

DOM model refactoring TT view refactoring, controls are no longer derived from DOM nodes bugfixes

author	sergey
date	Tue, 16 Oct 2012 01:33:06 +0400
parents	3cebcf6fdb9b
children	23daf2fae33a

rev	line source
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	1 package IMPL::Web::Handler::SecureCookie;
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	2 use strict;
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	3
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	4
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	5 use Digest::MD5 qw(md5_hex);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	6 use IMPL::Const qw(:prop);
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	7 use IMPL::Security::Auth qw(:Const GenSSID);
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	8 use IMPL::declare {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	9 require => {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	10 SecurityContext => 'IMPL::Security::Context',
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	11 User => 'IMPL::Security::Principal',
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	12 AuthSimple => 'IMPL::Security::Auth::Simple',
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	13 Exception => 'IMPL::Exception',
ff1e8fa932f2 sync sergey parents: 230 diff changeset	14 OperationException => '-IMPL::InvalidOperationException',
ff1e8fa932f2 sync sergey parents: 230 diff changeset	15 HttpResponse => '-IMPL::Web::HttpResponse'
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	16 },
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	17 base => {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	18 'IMPL::Object' => undef,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	19 'IMPL::Object::Autofill' => '@_',
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	20 'IMPL::Object::Serializable' => undef
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	21 },
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	22 props => [
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	23 salt => PROP_RO,
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	24 _manager => PROP_RO,
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	25 _cookies => PROP_RW
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	26 ]
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	27 };
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	28
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	29 sub CTOR {
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	30 my ($this) = @_;
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	31
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	32 $this->salt('DeadBeef') unless $this->salt;
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	33 }
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	34
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	35 sub Invoke {
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	36 my ($this,$action,$nextHandler) = @_;
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	37
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	38 return unless $nextHandler;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	39
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	40 my $context;
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	41 $this->_manager($action->application->security);
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	42
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	43
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	44 my $sid = $action->cookie('sid',qr/(\w+)/);
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	45 my $cookie = $action->cookie('sdata',qr/(\w+)/);
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	46 my $sign = $action->cookie('sign',qw/(\w+)/);
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	47
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	48 if (
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	49 $sid and
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	50 $cookie and
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	51 $sign and
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	52 $sign eq md5_hex(
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	53 $this->salt,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	54 $sid,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	55 $cookie,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	56 $this->salt
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	57 )
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	58 ) {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	59 # TODO: add a DefferedProxy to deffer a request to a data source
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	60 if ( $context = $this->_manager->GetSession($sid) ) {
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	61
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	62 if ( eval { $context->auth->isa(AuthSimple) } ) {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	63 my ($result,$challenge) = $context->auth->DoAuth($cookie);
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	64
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	65 $action->_manager->SaveSession($context);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	66
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	67 if ($result == AUTH_FAIL) {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	68 $context = undef;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	69 }
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	70 }
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	71 }
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	72
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	73 }
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	74
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	75 $context \|\|= SecurityContext->new(principal => User->nobody, authority => $this);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	76
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	77 my $httpResponse = $context->Impersonate($nextHandler,$action);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	78
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	79 die OperationException->new("A HttpResponse instance is expected")
ff1e8fa932f2 sync sergey parents: 230 diff changeset	80 unless ref $httpResponse && eval { $httpResponse->isa(HttpResponse) };
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	81
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	82 return $this->WriteResponse($httpResponse);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	83 }
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	84
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	85 sub InitSession {
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	86 my ($this,$user,$auth,$roles) = @_;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	87
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	88 my $sid = GenSSID();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	89 my $cookie = GenSSID();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	90
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	91 $this->_cookies({
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	92 sid => $sid,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	93 sdata => $cookie
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	94 });
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	95
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	96 my $context = $this->_manager->CreateSession(
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	97 sessionId => $sid,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	98 principal => $user,
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 231 diff changeset	99 auth => AuthSimple->Create(password => $cookie),
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	100 authority => $this,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	101 assignedRoles => $roles
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	102 );
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	103
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	104 $context->Apply();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	105
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	106 return $context;
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	107 }
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	108
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	109 sub WriteResponse {
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	110 my ($this,$response) = @_;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	111
238 b8c724f6de36 DOM model refactoring sergey parents: 233 diff changeset	112 if (my $data = $this->_cookies) {
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	113
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	114 my $sign = md5_hex(
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	115 $this->salt,
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	116 $data->{sid},
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	117 $data->{sdata},
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	118 $this->salt
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	119 );
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	120
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	121 $response->cookies->{sid} = $data->{sid};
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	122 $response->cookies->{sdata} = $data->{sdata};
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	123 $response->cookies->{sign} = $sign;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	124 }
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	125
ff1e8fa932f2 sync sergey parents: 230 diff changeset	126 return $response;
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	127 }
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	128
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	129 1;
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	130
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	131 __END__
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	132
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	133 =pod
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	134
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	135 =head1 NAME
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	136
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	137 C<IMPL::Web::Handler::SecureCookie>
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	138
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	139 =head1 DESCRIPTION
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	140
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	141 Возобновляет сессию пользователя на основе информации переданной через Cookie.
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	142
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	143 Использует механизм подписи информации для проверки верности входных данных перед
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	144 началом каких-либо действий.
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	145
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	146 Данный обработчик возвращает результат выполнения следдующего обработчика.
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	147
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	148
6d8092d8ce1b reworked IMPL::Security sergey* parents: 196 diff changeset	149
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	150 =head1 MEMBERS
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	151
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	152 =head2 C<[get,set] salt>
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	153
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	154 Скаляр, использующийся для подписи данных.
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	155
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 231 diff changeset	156
231 ff1e8fa932f2 sync sergey parents: 230 diff changeset	157 =head2 C<InitSession($user,$auth,$roles)>
196 a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	158
a705e848dcc7 added IMPL::Config::Reference cin parents: diff changeset	159 =cut

Mercurial > pub > Impl

annotate Lib/IMPL/Web/Handler/SecureCookie.pm @ 238:b8c724f6de36