comparison Lib/IMPL/Web/Handler/SecureCookie.pm @ 357:ec58c47edb52

web security: code cleanup, refactoring
author cin
date Fri, 18 Oct 2013 15:10:10 +0400
parents c090d9102a38
children d5c8b955bf8d
356:97131d500f16 357:ec58c47edb52
19 'IMPL::Object::Autofill' => '@_', 19 'IMPL::Object::Autofill' => '@_',
20 'IMPL::Object::Serializable' => undef 20 'IMPL::Object::Serializable' => undef
21 }, 21 },
22 props => [ 22 props => [
23 salt => PROP_RO, 23 salt => PROP_RO,
24 _manager => PROP_RO, 24 _security => PROP_RO,
25 _cookies => PROP_RW 25 _cookies => PROP_RW
26 ] 26 ]
27 }; 27 };
28 28
29 sub CTOR { 29 sub CTOR {
55 my ($this,$action,$nextHandler) = @_; 55 my ($this,$action,$nextHandler) = @_;
56 56
57 return unless $nextHandler; 57 return unless $nextHandler;
58 58
59 my $context; 59 my $context;
60 $this->_manager($action->security); 60 $this->_security($action->security);
61 61
62 62
63 my $sid = $action->cookie('sid',qr/(\w+)/); 63 my $sid = $action->cookie('sid',qr/(\w+)/);
64 my $cookie = $action->cookie('sdata',qr/(\w+)/); 64 my $cookie = $action->cookie('sdata',qr/(\w+)/);
65 my $sign = $action->cookie('sign',qw/(\w+)/); 65 my $sign = $action->cookie('sign',qw/(\w+)/);
66 66
67 if ( $this->ValidateCookie($sid,$cookie,$sign) ) { 67 if ( $this->ValidateCookie($sid,$cookie,$sign) ) {
68 # TODO: add a DeferredProxy to deffer a request to a data source 68 # TODO: add a DeferredProxy to deffer a request to a data source
69 if ( $context = $this->_manager->sessions->GetById($sid) ) { 69 if ( $context = $this->_security->sessions->GetById($sid) ) {
70 if ( eval { $context->auth->isa(AuthSimple) } ) { 70 if ( eval { $context->auth->isa(AuthSimple) } ) {
71 my ($result,$challenge) = $context->auth->DoAuth($cookie); 71 my ($result,$challenge) = $context->auth->DoAuth($cookie);
72 72
73 $context->authority($this); 73 $context->authority($this);
74 74
116 $this->_cookies({ 116 $this->_cookies({
117 sid => $sid, 117 sid => $sid,
118 sdata => $cookie 118 sdata => $cookie
119 }); 119 });
120 120
121 my $context = $this->_manager->sessions->Create({ 121 my $context = $this->_security->sessions->Create({
122 sessionId => $sid, 122 sessionId => $sid,
123 principal => $user, 123 principal => $user,
124 auth => AuthSimple->Create(password => $cookie), 124 auth => AuthSimple->Create(password => $cookie),
125 authority => $this, 125 authority => $this,
126 rolesAssigned => $roles 126 rolesAssigned => $roles
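Review bot: On line 65 the `sign` cookie is read with `qw/(\w+)/`, while `sid` and `sdata` on lines 63–64 use `qr/(\w+)/`; `qw` yields the plain string `(\w+)` rather than a compiled pattern, so whether the signature value is filtered the same way depends on how `cookie` treats a non-regex argument, which is not visible here. Since this commit is a cleanup of the handler, I would change that line to `my $sign = $action->cookie('sign',qr/(\w+)/);`. All three patterns are also unanchored, so presumably only the first run of word characters is taken from each cookie before `ValidateCookie` sees it; if the whole value is meant to be checked, `qr/\A(\w+)\z/` states that explicitly. The enclosing sub and the `Create` call both continue outside the visible lines.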