summaryrefslogtreecommitdiff
path: root/lib/VNDB/Util/Auth.pm
diff options
context:
space:
mode:
author3dB <3db@3decibels.net>2009-07-28 21:00:58 -0400
committer3dB <3db@3decibels.net>2009-07-28 21:00:58 -0400
commit515ea4144ae671c2d6e1a6073295bf56cc208a23 (patch)
tree95efc22dc62c36479bbcb2a7dcbf610f1e1c7f5c /lib/VNDB/Util/Auth.pm
parent5e73fc02c767b818f4dde18774406f5ddf217093 (diff)
Removed Crypt::Lite dependency
-- Changed the way cookie data is handled and removed the need for Crypt::Lite -- Removed "cookie_key" configuration setting for Crypt::Lite
Diffstat (limited to 'lib/VNDB/Util/Auth.pm')
-rw-r--r--lib/VNDB/Util/Auth.pm19
1 files changed, 8 insertions, 11 deletions
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index faa698e5..b8af3130 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -8,7 +8,6 @@ use Exporter 'import';
use Digest::MD5 'md5';
use Digest::SHA qw|sha1_hex sha256 sha256_hex|;
use Time::HiRes;
-use Crypt::Lite;
our @EXPORT = qw| authInit authLogin authLogout authInfo authCan authPreparePass |;
@@ -21,10 +20,9 @@ sub authInit {
my $cookie = $self->reqCookie('vndb_auth');
return 0 if !$cookie;
- my $str = Crypt::Lite->new()->decrypt($cookie, sha1_hex($self->{cookie_key}));
- return 0 if length($str) < 44;
- my $token = substr($str, 4, 40);
- my $uid = substr($str, 44);
+ return 0 if length($cookie) < 41;
+ my $token = substr($cookie, 0, 40);
+ my $uid = substr($cookie, 40);
$self->{_auth} = $self->dbUserGet(uid => $uid, what => 'mymessages')->[0] if $self->dbSessionCheck($uid, $token);
}
@@ -38,9 +36,9 @@ sub authLogin {
my $to = shift;
if(_authCheck($self, $user, $pass)) {
- my $token = sha1_hex(Time::HiRes::time . $self->{cookie_key});
+ my $token = sha1_hex(Time::HiRes::time . 'VNDB');
my $expiration = time + 31536000; # 1yr
- (my $cookie = Crypt::Lite->new()->encrypt("VNDB$token$self->{_auth}{id}", sha1_hex($self->{cookie_key}))) =~ s/\r?\n//g;
+ my $cookie = $token . $self->{_auth}{id};
$self->dbSessionAdd($self->{_auth}{id}, $token, $expiration);
my @time = gmtime($expiration);
@@ -64,10 +62,9 @@ sub authLogout {
my $cookie = $self->reqCookie('vndb_auth');
if ($cookie) {
- my $str = Crypt::Lite->new()->decrypt($cookie, sha1_hex($self->{cookie_key}));
- if (length($str) >= 44) {
- my $token = substr($str, 4, 40);
- my $uid = substr($str, 44);
+ if (length($cookie) >= 41) {
+ my $token = substr($cookie, 0, 40);
+ my $uid = substr($cookie, 40);
$self->dbSessionDel($uid, $token);
}
}