Mercurial > pub > Impl
comparison Lib/IMPL/Web/Handler/SecureCookie.pm @ 238:b8c724f6de36
DOM model refactoring
TT view refactoring, controls are no longer derived from DOM nodes
bugfixes
| author | sergey |
|---|---|
| date | Tue, 16 Oct 2012 01:33:06 +0400 |
| parents | 3cebcf6fdb9b |
| children | 23daf2fae33a |
comparison
equal
deleted
inserted
replaced
| 237:61db68166c37 | 238:b8c724f6de36 |
|---|---|
| 6 use IMPL::Const qw(:prop); | 6 use IMPL::Const qw(:prop); |
| 7 use IMPL::Security::Auth qw(:Const GenSSID); | 7 use IMPL::Security::Auth qw(:Const GenSSID); |
| 8 use IMPL::declare { | 8 use IMPL::declare { |
| 9 require => { | 9 require => { |
| 10 SecurityContext => 'IMPL::Security::Context', | 10 SecurityContext => 'IMPL::Security::Context', |
| 11 User => 'IMPL::Security::User', | 11 User => 'IMPL::Security::Principal', |
| 12 AuthSimple => 'IMPL::Security::Auth::Simple', | 12 AuthSimple => 'IMPL::Security::Auth::Simple', |
| 13 Exception => 'IMPL::Exception', | 13 Exception => 'IMPL::Exception', |
| 14 OperationException => '-IMPL::InvalidOperationException', | 14 OperationException => '-IMPL::InvalidOperationException', |
| 15 HttpResponse => '-IMPL::Web::HttpResponse' | 15 HttpResponse => '-IMPL::Web::HttpResponse' |
| 16 }, | 16 }, |
| 19 'IMPL::Object::Autofill' => '@_', | 19 'IMPL::Object::Autofill' => '@_', |
| 20 'IMPL::Object::Serializable' => undef | 20 'IMPL::Object::Serializable' => undef |
| 21 }, | 21 }, |
| 22 props => [ | 22 props => [ |
| 23 salt => PROP_RO, | 23 salt => PROP_RO, |
| 24 manager => PROP_RO, | 24 _manager => PROP_RO, |
| 25 _cookies => PROP_RW | 25 _cookies => PROP_RW |
| 26 ] | 26 ] |
| 27 }; | 27 }; |
| 28 | 28 |
| 29 sub CTOR { | 29 sub CTOR { |
| 36 my ($this,$action,$nextHandler) = @_; | 36 my ($this,$action,$nextHandler) = @_; |
| 37 | 37 |
| 38 return unless $nextHandler; | 38 return unless $nextHandler; |
| 39 | 39 |
| 40 my $context; | 40 my $context; |
| 41 $this->_manager($action->application->security); | |
| 41 | 42 |
| 42 | 43 |
| 43 my $sid = $action->cookie('sid',qr/(\w+)/); | 44 my $sid = $action->cookie('sid',qr/(\w+)/); |
| 44 my $cookie = $action->cookie('sdata',qr/(\w+)/); | 45 my $cookie = $action->cookie('sdata',qr/(\w+)/); |
| 45 my $sign = $action->cookie('sign',qw/(\w+)/); | 46 my $sign = $action->cookie('sign',qw/(\w+)/); |
| 54 $cookie, | 55 $cookie, |
| 55 $this->salt | 56 $this->salt |
| 56 ) | 57 ) |
| 57 ) { | 58 ) { |
| 58 # TODO: add a DefferedProxy to deffer a request to a data source | 59 # TODO: add a DefferedProxy to deffer a request to a data source |
| 59 if ( $context = $this->manager->GetSession($sid) ) { | 60 if ( $context = $this->_manager->GetSession($sid) ) { |
| 60 | 61 |
| 61 if ( eval { $context->auth->isa(AuthSimple) } ) { | 62 if ( eval { $context->auth->isa(AuthSimple) } ) { |
| 62 my ($result,$challenge) = $context->auth->DoAuth($cookie); | 63 my ($result,$challenge) = $context->auth->DoAuth($cookie); |
| 63 | 64 |
| 64 $action->manager->SaveSession($context); | 65 $action->_manager->SaveSession($context); |
| 65 | 66 |
| 66 if ($result == AUTH_FAIL) { | 67 if ($result == AUTH_FAIL) { |
| 67 $context = undef; | 68 $context = undef; |
| 68 } | 69 } |
| 69 } | 70 } |
| 71 | 72 |
| 72 } | 73 } |
| 73 | 74 |
| 74 $context ||= SecurityContext->new(principal => User->nobody, authority => $this); | 75 $context ||= SecurityContext->new(principal => User->nobody, authority => $this); |
| 75 | 76 |
| 76 my $httpResponse = $context->Impersonate($nextHandler); | 77 my $httpResponse = $context->Impersonate($nextHandler,$action); |
| 77 | 78 |
| 78 die OperationException->new("A HttpResponse instance is expected") | 79 die OperationException->new("A HttpResponse instance is expected") |
| 79 unless ref $httpResponse && eval { $httpResponse->isa(HttpResponse) }; | 80 unless ref $httpResponse && eval { $httpResponse->isa(HttpResponse) }; |
| 80 | 81 |
| 81 return $this->WriteResponse($httpResponse); | 82 return $this->WriteResponse($httpResponse); |
| 88 my $cookie = GenSSID(); | 89 my $cookie = GenSSID(); |
| 89 | 90 |
| 90 $this->_cookies({ | 91 $this->_cookies({ |
| 91 sid => $sid, | 92 sid => $sid, |
| 92 sdata => $cookie | 93 sdata => $cookie |
| 93 }) | 94 }); |
| 94 | 95 |
| 95 my $context = $this->$manager->CreateSession( | 96 my $context = $this->_manager->CreateSession( |
| 96 sessionId => $sid, | 97 sessionId => $sid, |
| 97 principal => $user, | 98 principal => $user, |
| 98 auth => AuthSimple->Create(password => $cookie), | 99 auth => AuthSimple->Create(password => $cookie), |
| 99 authority => $this, | 100 authority => $this, |
| 100 assignedRoles => $roles | 101 assignedRoles => $roles |
| 106 } | 107 } |
| 107 | 108 |
| 108 sub WriteResponse { | 109 sub WriteResponse { |
| 109 my ($this,$response) = @_; | 110 my ($this,$response) = @_; |
| 110 | 111 |
| 111 if (my $data $this->_cookies) { | 112 if (my $data = $this->_cookies) { |
| 112 | 113 |
| 113 my $sign = md5_hex( | 114 my $sign = md5_hex( |
| 114 $this->salt, | 115 $this->salt, |
| 115 $data->{sid}, | 116 $data->{sid}, |
| 116 $data->{sdata}, | 117 $data->{sdata}, |
| 150 | 151 |
| 151 =head2 C<[get,set] salt> | 152 =head2 C<[get,set] salt> |
| 152 | 153 |
| 153 Скаляр, использующийся для подписи данных. | 154 Скаляр, использующийся для подписи данных. |
| 154 | 155 |
| 155 =head2 C<[get,set] manager> | |
| 156 | |
| 157 Реализация менеджера безопасности, отвечающая за реализацию взаимодействия с | |
| 158 моделью безопасности. | |
| 159 | 156 |
| 160 =head2 C<InitSession($user,$auth,$roles)> | 157 =head2 C<InitSession($user,$auth,$roles)> |
| 161 | 158 |
| 162 =cut | 159 =cut |