Mercurial > pub > Impl

comparison Lib/IMPL/Web/Handler/SecureCookie.pm @ 262:4ac39b9e2ca4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sync
author sergey
date Sat, 29 Dec 2012 03:22:15 +0400
parents fb52014f6931
children 0f59b2de72af
comparison
equal deleted inserted replaced
261:93963ec449c5 262:4ac39b9e2ca4
30 my ($this) = @_; 30 my ($this) = @_;
31 31
32 $this->salt('DeadBeef') unless $this->salt; 32 $this->salt('DeadBeef') unless $this->salt;
33 } 33 }
34 34
35 sub ValidateCookie {
36 my ($this,$sid,$cookie,$sign) = @_;
37
38 return 1 if $sid and $cookie and $sign and $sign eq md5_hex($this->salt,$sid,$cookie,$this->salt);
39
40 return 0;
41 }
42
35 sub Invoke { 43 sub Invoke {
36 my ($this,$action,$nextHandler) = @_; 44 my ($this,$action,$nextHandler) = @_;
37 45
38 return unless $nextHandler; 46 return unless $nextHandler;
39 47
43 51
44 my $sid = $action->cookie('sid',qr/(\w+)/); 52 my $sid = $action->cookie('sid',qr/(\w+)/);
45 my $cookie = $action->cookie('sdata',qr/(\w+)/); 53 my $cookie = $action->cookie('sdata',qr/(\w+)/);
46 my $sign = $action->cookie('sign',qw/(\w+)/); 54 my $sign = $action->cookie('sign',qw/(\w+)/);
47 55
48 if ( 56 if ( $this->ValidateCookie($sid,$cookie,$sign) ) {
49 $sid and
50 $cookie and
51 $sign and
52 $sign eq md5_hex(
53 $this->salt,
54 $sid,
55 $cookie,
56 $this->salt
57 )
58 ) {
59 # TODO: add a DefferedProxy to deffer a request to a data source 57 # TODO: add a DefferedProxy to deffer a request to a data source
60 if ( $context = $this->_manager->GetSession($sid) ) { 58 if ( $context = $this->_manager->GetSession($sid) ) {
61 if ( eval { $context->auth->isa(AuthSimple) } ) { 59 if ( eval { $context->auth->isa(AuthSimple) } ) {
62 my ($result,$challenge) = $context->auth->DoAuth($cookie); 60 my ($result,$challenge) = $context->auth->DoAuth($cookie);
63 61