summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2010-01-26 19:51:30 +0100
committerYorhel <git@yorhel.nl>2010-01-26 19:51:30 +0100
commitf82550b1cef9e91780b43e61c60c61af1ba139fd (patch)
treeaa4d580db4e6558abb3e4a80a73aff529a64dd72 /lib
parent38174567d7f68a2751426c0fadcda5eca1bd6861 (diff)
SQL: Replaced sessions.expiration with sessions.added
An expiration date doesn't make much sense if it's both not used and if it can't be configured by the user, so just make this a timestamp to indicate when the session has been added, which, while still not really used, is more valuable.
Diffstat (limited to 'lib')
-rw-r--r--lib/VNDB/DB/Users.pm7
-rw-r--r--lib/VNDB/Util/Auth.pm5
2 files changed, 4 insertions, 8 deletions
diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm
index 8805075f..63ac2270 100644
--- a/lib/VNDB/DB/Users.pm
+++ b/lib/VNDB/DB/Users.pm
@@ -137,12 +137,9 @@ sub dbUserDel {
# Adds a session to the database
-# If no expiration is supplied the database default is used
-# uid, 40 character session token, expiration time (timestamp)
+# uid, 40 character session token
sub dbSessionAdd {
- my($s, @o) = @_;
- $s->dbExec(q|INSERT INTO sessions (uid, token, expiration) VALUES(?, decode(?, 'hex'), to_timestamp(?))|,
- @o[0,1], $o[2]||(time+31536000));
+ $_[0]->dbExec(q|INSERT INTO sessions (uid, token) VALUES(?, decode(?, 'hex'))|, @_[1,2]);
}
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 978b882c..2d133476 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -42,11 +42,10 @@ sub authLogin {
if(_authCheck($self, $user, $pass)) {
my $token = sha1_hex(join('', Time::HiRes::gettimeofday()) . join('', map chr(rand(93)+33), 1..9));
- my $expiration = time + 31536000; # 1yr
my $cookie = $token . $self->{_auth}{id};
- $self->dbSessionAdd($self->{_auth}{id}, $token, $expiration);
+ $self->dbSessionAdd($self->{_auth}{id}, $token);
- my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime($expiration));
+ my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(time + 31536000)); # keep the cookie for 1 year
$self->resRedirect($to, 'post');
$self->resHeader('Set-Cookie', "vndb_auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
return 1;