pub/Impl: Lib/IMPL/Web/Security.pm comparison

*security subsytem bugfixes *HttpResponse: cookies which values are set to undefined will be deleted from browser

comparison

equal deleted inserted replaced

-:b8c724f6de36
+:23daf2fae33a
 };
 use constant {
 ERR_NO_SUCH_USER => -1,
 ERR_NO_SEC_DATA => -2,
-ERR_AUTH_FAIL => -3
+ERR_NO_AUTHORITY => -3,
+ERR_NO_SEC_CONTEXT => -4,
+ERR_AUTH_FAIL => -5
 };
 sub AuthUser {
 my ($this,$name,$package,$challenge) = @_;
 my $user = $this->FindUserByName($name)
 or return {
 status => AUTH_FAIL,
 code => ERR_NO_SUCH_USER
 };
 my $auth;
 if ( my $secData = $user->GetSecData($package) ) {
 $auth = $package->new($secData);
 } else {
 return {
 code => ERR_NO_SEC_DATA,
 user => $user
 };
 }
+return {
+	status => AUTH_FAIL,
+	code => ERR_NO_SEC_CONTEXT
+} unless SecurityContext->current;
+return {
+	status => AUTH_FAIL,
+	code => ERR_NO_AUTHORITY
+} unless SecurityContext->current->authority;
 my $status = SecurityContext->current->authority->InitSession(
 $user,
+[$user->roles],
 $auth,
-[$user->roles]
+$challenge
 );
 return {
 status => $status,
 code => ($status == AUTH_FAIL ? ERR_AUTH_FAIL : 0),
 user => $user
 };
+}
+sub Logout {
+	my ($this) = @_;
+	my $session = SecurityContext->current;
+	if($session && $session->authority) {
+		$session->authority->CloseSession($session);
+		$this->CloseSession($session);
+	}
 }
 sub FindUserByName {
 die NotImplementedException->new();
 }
 die NotImplementedException->new();
 }
 sub SaveSession {
 die NotImplementedException->new();
+}
+sub CloseSession {
+	die NotImplementedException->new();
 }
 1;
 __END__

Mercurial > pub > Impl