author3dB <3db@3decibels.net>2009-07-29 15:10:08 -0400
committer3dB <3db@3decibels.net>2009-07-29 15:10:08 -0400
commitc83d62295fdff9da805b0687b0418ea69dde5fcf (patch)
treea92a893bfbc2bf6f901aea7cc503bb961faee9b6
parent24c4392ce66d088e6933686395296c1419de22b5 (diff)
Cleanup of Util/Auth.pm
-rw-r--r--lib/VNDB/Util/Auth.pm20
1 files changed, 7 insertions, 13 deletions
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index ad7659a9..3b7b052a 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -20,8 +20,7 @@ sub authInit {
$self->{_auth} = undef;
my $cookie = $self->reqCookie('vndb_auth');
- return 0 if !$cookie;
- return 0 if length($cookie) < 41;
+ return 0 if !$cookie || length($cookie) < 41;
my $token = substr($cookie, 0, 40);
my $uid = substr($cookie, 40);
$self->{_auth} = $self->dbUserGet(uid => $uid, what => 'mymessages')->[0] if $self->dbSessionCheck($uid, $token);
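Review bot: The merged guard in authInit still checks only the cookie's length, so whatever follows the first 40 characters is passed to `dbSessionCheck` as `$uid` without being confirmed numeric, and the token half is not confirmed to be hex. Whether that is exploitable depends on how the db helpers bind their arguments, which is not visible here, but validating the shape up front is cheap: `return 0 if !$cookie || $cookie !~ /^([0-9a-f]{40})(\d+)$/;` followed by `my($token, $uid) = ($1, $2);`. The same parse is repeated in the authLogout hunk before `dbSessionDel`, so a small shared helper that returns `($token, $uid)` or nothing would keep the two in step. authInit starts and ends outside this hunk.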
@@ -37,14 +36,12 @@ sub authLogin {
my $to = shift;
if(_authCheck($self, $user, $pass)) {
- my $token = sha1_hex(Time::HiRes::time . 'VNDB');
+ my $token = sha1_hex(join('', Time::HiRes::gettimeofday()) . join('', map chr(rand(93)+33), 1..9));
my $expiration = time + 31536000; # 1yr
my $cookie = $token . $self->{_auth}{id};
$self->dbSessionAdd($self->{_auth}{id}, $token, $expiration);
- my @time = gmtime($expiration);
my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime($expiration));
-
$self->resRedirect($to, 'post');
$self->resHeader('Set-Cookie', "vndb_auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
return 1;
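Review bot: The new `$token` is still built from guessable inputs: `Time::HiRes::gettimeofday()` is just the login time and `rand()` is Perl's non-cryptographic generator, and passing them through `sha1_hex` does not add entropy. A session token should come from the OS CSPRNG, for example `open my $r, '<:raw', '/dev/urandom' or die "urandom: $!";`, `read($r, my $buf, 20) == 20 or die "short read";`, `my $token = unpack 'H*', $buf;`, which still yields the 40 hex characters the cookie parsing expects. The `Set-Cookie` header at the end of the hunk also has no `HttpOnly` attribute, so page script can read the session cookie; appending `; HttpOnly` (and `; Secure` if the site is served over TLS) would tighten that. authLogin begins and continues outside this hunk.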
@@ -59,12 +56,10 @@ sub authLogout {
my $self = shift;
my $cookie = $self->reqCookie('vndb_auth');
- if ($cookie) {
- if (length($cookie) >= 41) {
- my $token = substr($cookie, 0, 40);
- my $uid = substr($cookie, 40);
- $self->dbSessionDel($uid, $token);
- }
+ if ($cookie && length($cookie) >= 41) {
+ my $token = substr($cookie, 0, 40);
+ my $uid = substr($cookie, 40);
+ $self->dbSessionDel($uid, $token);
}
$self->resRedirect('/', 'temp');
@@ -95,8 +90,7 @@ sub authCan {
sub _authCheck {
my($self, $user, $pass) = @_;
- return 0 if
- !$user || length($user) > 15 || length($user) < 2 || !$pass;
+ return 0 if !$user || length($user) > 15 || length($user) < 2 || !$pass;
my $d = $self->dbUserGet(username => $user, what => 'mymessages')->[0];
return 0 if !defined $d->{id} || !$d->{rank};