Mercurial > pub > Impl
comparison Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 95:67eb8eaec3d4
Added a security authority property to the Context and Security classes
Added a WriteResponse method to the SecureCookie class
Added a setCookie method to the Response class
| author | wizard |
|---|---|
| date | Thu, 29 Apr 2010 02:21:27 +0400 |
| parents | 3d1f584aea60 |
| children | 964587c5183c |
comparison
equal
deleted
inserted
replaced
| 94:79bf75223afe | 95:67eb8eaec3d4 |
|---|---|
| 1 package IMPL::Web::QueryHandler::SecureCookie; | 1 package IMPL::Web::QueryHandler::SecureCookie; |
| 2 use strict; | |
| 2 | 3 |
| 3 use base qw(IMPL::Web::QueryHandler); | 4 use base qw(IMPL::Web::QueryHandler); |
| 4 use Digest::MD5 qw(md5_hex); | 5 use Digest::MD5 qw(md5_hex); |
| 5 | 6 |
| 6 use IMPL::Class::Property; | 7 use IMPL::Class::Property; |
| 7 use IMPL::Security::Auth qw(:Const); | 8 use IMPL::Security::Auth qw(:Const); |
| 9 use IMPL::Security; | |
| 8 | 10 |
| 9 BEGIN { | 11 BEGIN { |
| 10 public property salt => prop_all; | 12 public property salt => prop_all; |
| 11 } | 13 } |
| 12 | 14 |
| 38 $sid, | 40 $sid, |
| 39 $cookie, | 41 $cookie, |
| 40 $this->salt | 42 $this->salt |
| 41 ) | 43 ) |
| 42 ) { | 44 ) { |
| 45 local $IMPL::Security::authority = $this; | |
| 43 | 46 |
| 44 my $context = $action->application->security->sourceSession->find( | 47 my $context = $action->application->security->sourceSession->find( |
| 45 { id => $sid } | 48 { id => $sid } |
| 46 ) or return $nextHandler->(); | 49 ) or return $nextHandler->(); |
| 47 | 50 |
| 48 my ($result,$challenge) = $context->auth->ValidateSession($cookie); | 51 my ($result,$challenge) = $context->auth->ValidateSession($cookie); |
| 49 | 52 |
| 50 if ($result == AUTH_SUCCESS) { | 53 if ($result == AUTH_SUCCESS) { |
| 54 $context->authority($this); | |
| 51 return $context->Impersonate($nextHandler); | 55 return $context->Impersonate($nextHandler); |
| 52 } else { | 56 } else { |
| 53 return $nextHandler->(); | 57 return $nextHandler->(); |
| 54 } | 58 } |
| 55 } | 59 } |
| 56 } else { | 60 } else { |
| 57 die new IMPL::Exception("Unknown auth method",$method); | 61 die new IMPL::Exception("Unknown auth method",$method); |
| 58 } | 62 } |
| 63 } | |
| 64 | |
| 65 sub WriteResponse { | |
| 66 my ($this,$response,$sid,$cookie,$method) = @_; | |
| 67 | |
| 68 my $sign = md5_hex( | |
| 69 $this->salt, | |
| 70 $sid, | |
| 71 $cookie, | |
| 72 $this->salt | |
| 73 ); | |
| 74 | |
| 75 $this->setCookie(sid => $sid); | |
| 76 $this->setCookie(sdata => $cookie); | |
| 77 $this->setCookie(sign => $sign); | |
| 78 $this->setCookie(method => $method) if $method; | |
| 59 } | 79 } |
| 60 | 80 |
| 61 1; | 81 1; |
| 62 | 82 |
| 63 __END__ | 83 __END__ |