author | 3dB <3db@3decibels.net> | 2009-07-29 15:10:08 -0400 |
---|---|---|
committer | 3dB <3db@3decibels.net> | 2009-07-29 15:10:08 -0400 |
commit | c83d62295fdff9da805b0687b0418ea69dde5fcf (patch) | |
tree | a92a893bfbc2bf6f901aea7cc503bb961faee9b6 /lib/VNDB/Util/Auth.pm | |
parent | 24c4392ce66d088e6933686395296c1419de22b5 (diff) |
Cleanup of Util/Auth.pm
Diffstat (limited to 'lib/VNDB/Util/Auth.pm')
-rw-r--r-- | lib/VNDB/Util/Auth.pm | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index ad7659a9..3b7b052a 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -20,8 +20,7 @@ sub authInit { $self->{_auth} = undef; my $cookie = $self->reqCookie('vndb_auth'); - return 0 if !$cookie; - return 0 if length($cookie) < 41; + return 0 if !$cookie || length($cookie) < 41; my $token = substr($cookie, 0, 40); my $uid = substr($cookie, 40); $self->{_auth} = $self->dbUserGet(uid => $uid, what => 'mymessages')->[0] if $self->dbSessionCheck($uid, $token);
@@ -37,14 +36,12 @@ sub authLogin { my $to = shift; if(_authCheck($self, $user, $pass)) { - my $token = sha1_hex(Time::HiRes::time . 'VNDB'); + my $token = sha1_hex(join('', Time::HiRes::gettimeofday()) . join('', map chr(rand(93)+33), 1..9)); my $expiration = time + 31536000; # 1yr my $cookie = $token . $self->{_auth}{id}; $self->dbSessionAdd($self->{_auth}{id}, $token, $expiration); - my @time = gmtime($expiration); my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime($expiration)); - $self->resRedirect($to, 'post'); $self->resHeader('Set-Cookie', "vndb_auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}"); return 1;
@@ -59,12 +56,10 @@ sub authLogout { my $self = shift; my $cookie = $self->reqCookie('vndb_auth'); - if ($cookie) { - if (length($cookie) >= 41) { - my $token = substr($cookie, 0, 40); - my $uid = substr($cookie, 40); - $self->dbSessionDel($uid, $token); - } + if ($cookie && length($cookie) >= 41) { + my $token = substr($cookie, 0, 40); + my $uid = substr($cookie, 40); + $self->dbSessionDel($uid, $token); } $self->resRedirect('/', 'temp');
@@ -95,8 +90,7 @@ sub authCan { sub _authCheck { my($self, $user, $pass) = @_; - return 0 if - !$user || length($user) > 15 || length($user) < 2 || !$pass; + return 0 if !$user || length($user) > 15 || length($user) < 2 || !$pass; my $d = $self->dbUserGet(username => $user, what => 'mymessages')->[0]; return 0 if !defined $d->{id} || !$d->{rank}; |
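Review bot: The merged guard in authInit still accepts any cookie of 41 or more characters, so the `$uid` handed to `dbSessionCheck` and `dbUserGet` is whatever text follows the first 40 characters. Checking the shape in the same statement would reject malformed cookies before they reach the database layer, e.g. `return 0 if !$cookie || $cookie !~ /\A([0-9a-f]{40})(\d+)\z/;` followed by `my($token, $uid) = ($1, $2);`. authLogout (third hunk) repeats the same length check and `substr` split before `dbSessionDel`, so a small shared parsing helper would keep the two in sync. Whether the db helpers bind `$uid` as a parameter is not visible here, and authInit's body continues outside the hunk.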
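Review bot: The new session token in authLogin is still built from guessable inputs: `Time::HiRes::gettimeofday()` is just the login time, and the nine extra characters come from Perl's `rand`, which is not a cryptographic generator. This token is the only secret in the `vndb_auth` cookie (the rest is the user id), so it should come from the OS random source, e.g. `open my $r, '<', '/dev/urandom' or die "urandom: $!";`, `read($r, my $raw, 20) == 20 or die "short read";`, `my $token = unpack 'H*', $raw;`, which keeps the 40-character hex length that authInit splits on. The `Set-Cookie` header in the same hunk also carries no `HttpOnly` attribute (nor `secure`, if the site is served over HTTPS), so appending `; HttpOnly` is worth doing while this code is being touched. authLogin starts and ends outside the hunk.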