Mercurial > pub > Impl
diff Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 95:67eb8eaec3d4
Added a security authority property to the Context and Security classes
Added a WriteResponse method to the SecureCookie class
Added a setCookie method to the Response class
| author | wizard |
|---|---|
| date | Thu, 29 Apr 2010 02:21:27 +0400 |
| parents | 3d1f584aea60 |
| children | 964587c5183c |
line wrap: on
line diff
--- a/Lib/IMPL/Web/QueryHandler/SecureCookie.pm Thu Apr 29 01:31:27 2010 +0400 +++ b/Lib/IMPL/Web/QueryHandler/SecureCookie.pm Thu Apr 29 02:21:27 2010 +0400 @@ -1,10 +1,12 @@ package IMPL::Web::QueryHandler::SecureCookie; +use strict; use base qw(IMPL::Web::QueryHandler); use Digest::MD5 qw(md5_hex); use IMPL::Class::Property; use IMPL::Security::Auth qw(:Const); +use IMPL::Security; BEGIN { public property salt => prop_all; @@ -40,6 +42,7 @@ $this->salt ) ) { + local $IMPL::Security::authority = $this; my $context = $action->application->security->sourceSession->find( { id => $sid } @@ -48,6 +51,7 @@ my ($result,$challenge) = $context->auth->ValidateSession($cookie); if ($result == AUTH_SUCCESS) { + $context->authority($this); return $context->Impersonate($nextHandler); } else { return $nextHandler->(); @@ -58,6 +62,22 @@ } } +sub WriteResponse { + my ($this,$response,$sid,$cookie,$method) = @_; + + my $sign = md5_hex( + $this->salt, + $sid, + $cookie, + $this->salt + ); + + $this->setCookie(sid => $sid); + $this->setCookie(sdata => $cookie); + $this->setCookie(sign => $sign); + $this->setCookie(method => $method) if $method; +} + 1; __END__