From e46f634c49aa4e174d6cc351b25a60d33c251b25 Mon Sep 17 00:00:00 2001 From: Yorhel Date: Tue, 25 Jan 2011 16:45:45 +0100 Subject: TUWF: Initial convert from YAWF to TUWF There may still be some bugs present and I've only converted the points where TUWF is incompatible with YAWF. The new TUWF features are not in use yet, I'll do that later on. Note that, in order to run the new code, TUWF must be installed on your system. The configuration for the TransAdmin plugin has also changed. Other than that there shouldn't be any issues. --- lib/VNDB/Util/Auth.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/VNDB/Util/Auth.pm') diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm index 9ad76894..864d1c54 100644 --- a/lib/VNDB/Util/Auth.pm +++ b/lib/VNDB/Util/Auth.pm @@ -10,7 +10,7 @@ use Digest::SHA qw|sha1_hex sha256_hex|; use Time::HiRes; use Encode 'encode_utf8'; use POSIX 'strftime'; -use YAWF ':html'; +use TUWF ':html'; use VNDB::Func; -- cgit v1.2.3 From 01c4028bfa067546af572de06789cc4121b1ffbc Mon Sep 17 00:00:00 2001 From: Yorhel Date: Tue, 25 Jan 2011 17:19:55 +0100 Subject: TUWF: Made use of the new cookie_prefix feature Configuration change: Make sure you more the cookie_prefix option from %S to %O. (It's now a TUWF option rather than a VNDB one) --- lib/VNDB/Util/Auth.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/VNDB/Util/Auth.pm') diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm index 864d1c54..996752f4 100644 --- a/lib/VNDB/Util/Auth.pm +++ b/lib/VNDB/Util/Auth.pm @@ -22,7 +22,7 @@ sub authInit { my $self = shift; $self->{_auth} = undef; - my $cookie = $self->reqCookie($self->{cookie_prefix}.'auth'); + my $cookie = $self->reqCookie('auth'); return 0 if !$cookie; return _rmcookie($self) if length($cookie) < 41; my $token = substr($cookie, 0, 40); @@ -61,7 +61,7 @@ sub authLogin { sub authLogout { my $self = shift; - my $cookie = $self->reqCookie($self->{cookie_prefix}.'auth'); + my $cookie = $self->reqCookie('auth'); if ($cookie && length($cookie) >= 41) { my $token = substr($cookie, 0, 40); my $uid = substr($cookie, 40); -- cgit v1.2.3 From 08d3dffe2dc6b955f2e10629079d5ae5c32f7183 Mon Sep 17 00:00:00 2001 From: Yorhel Date: Thu, 27 Jan 2011 10:11:52 +0100 Subject: TUWF: Replaced resHeader('Set-Cookie', ..) with resCookie() Way more convenient. This also fixes several bugs with the previous commit, since the cookie_prefix wasn't used for *all* cookies. Since it is now, the 'l10n' cookie now also respects the configured prefix, which means some people will have to set their default language again. Configuration changes: 'cookie_domain' option has been removed, the 'cookie_defaults' option of TUWF should now be used. --- lib/VNDB/Util/Auth.pm | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) (limited to 'lib/VNDB/Util/Auth.pm') diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm index 996752f4..88e68edc 100644 --- a/lib/VNDB/Util/Auth.pm +++ b/lib/VNDB/Util/Auth.pm @@ -24,13 +24,13 @@ sub authInit { my $cookie = $self->reqCookie('auth'); return 0 if !$cookie; - return _rmcookie($self) if length($cookie) < 41; + return $self->resCookie(auth => undef) if length($cookie) < 41; my $token = substr($cookie, 0, 40); my $uid = substr($cookie, 40); $self->{_auth} = $uid =~ /^\d+$/ && $self->dbUserGet(uid => $uid, session => $token, what => 'extended notifycount prefs')->[0]; # update the sessions.lastused column if lastused < now()'6 hours' $self->dbSessionUpdateLastUsed($uid, $token) if $self->{_auth} && $self->{_auth}{session_lastused} < time()-6*3600; - return _rmcookie($self) if !$self->{_auth}; + return $self->resCookie(auth => undef) if !$self->{_auth}; } @@ -47,9 +47,8 @@ sub authLogin { my $cookie = $token . $self->{_auth}{id}; $self->dbSessionAdd($self->{_auth}{id}, $token); - my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(time + 31536000)); # keep the cookie for 1 year $self->resRedirect($to, 'post'); - $self->resHeader('Set-Cookie', "$self->{cookie_prefix}auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}"); + $self->resCookie(auth => $cookie, expires => time + 31536000); # keep the cookie for 1 year return 1; } @@ -69,11 +68,11 @@ sub authLogout { } $self->resRedirect('/', 'temp'); - _rmcookie($self); + $self->resCookie(auth => undef); # set l10n cookie if the user has a preferred language set my $l10n = $self->authPref('l10n'); - $self->resHeader('Set-Cookie', "l10n=$l10n; expires=Sat, 01-Jan-2030 00:00:00 GMT; path=/; domain=$self->{cookie_domain}") if $l10n; + $self->resCookie(l10n => $l10n, expires => time()+31536000) if $l10n; # keep 1 year } @@ -141,13 +140,6 @@ sub authPreparePass{ } -# removes the vndb_auth cookie -sub _rmcookie { - $_[0]->resHeader('Set-Cookie', - "$_[0]->{cookie_prefix}auth= ; expires=Sat, 01-Jan-2000 00:00:00 GMT; path=/; domain=$_[0]->{cookie_domain}"); -} - - # Generate a code to be used later on to validate that the form was indeed # submitted from our site and by the same user/visitor. Not limited to # logged-in users. -- cgit v1.2.3