Testing: autotest: Move some code about
diff --git
a/cgi-auth-flexible.pm
b/cgi-auth-flexible.pm
index 5e5d0449ad536d2d7b3eaba51bb4ab27e94bf6a7..21805cffd8057a177222a6177d3dd3113d6a2bb6 100644
--- a/
cgi-auth-flexible.pm
+++ b/
cgi-auth-flexible.pm
@@
-758,11
+758,11
@@
sub construct_cookie ($$$) {
# y nt POST r u intra-site request from stale page
# fail
#
# y nt POST r u intra-site request from stale page
# fail
#
- # -
/n
y2 GET nr intra-site link from cleared session
+ # -
n
y2 GET nr intra-site link from cleared session
# do not revoke y2 as not RESTful
# treat as -/n n GET
#
# do not revoke y2 as not RESTful
# treat as -/n n GET
#
- # -
/n
y2 POST nrmu request from cleared session
+ # -
n
y2 POST nrmu request from cleared session
# revoke y2
# treat as -/n n POST
#
# revoke y2
# treat as -/n n POST
#
@@
-910,9
+910,17
@@
sub _check_divert_core ($) {
die unless $cookt eq 'y';
unless ($r->{S}{promise_check_mutate} && $meth eq 'GET') {
die unless $cookt eq 'y';
unless ($r->{S}{promise_check_mutate} && $meth eq 'GET') {
+ if ($parmt eq 't' || $parmt eq 'n') {
+ return ({ Kind => 'STALE',
+ Message => $r->_gt("Login session interrupted."),
+ _CookieRaw => $cooks,
+ Params => { } });
+ }
die unless $parmt eq 'y';
die unless $cookh eq $parmh;
}
die unless $parmt eq 'y';
die unless $cookh eq $parmh;
}
+ $r->_db_update_last($cooku,$parmh);
+
$r->{ParmT} = $parmt;
$r->{AssocRaw} = $cooks;
$r->{UserOK} = $cooku;
$r->{ParmT} = $parmt;
$r->{AssocRaw} = $cooks;
$r->{UserOK} = $cooku;
@@
-1018,6
+1026,16
@@
sub _db_record_login_ok ($$$) {
$h, $user, time);
}
$h, $user, time);
}
+sub _db_update_last ($$) {
+ # revokes $h if it's valid; no-op if it's not
+ my ($r,$user,$h) = @_;
+ my $dbh = $r->{Dbh};
+ $dbh->do("UPDATE $r->{S}{db_prefix}_assocs".
+ " SET last = ?".
+ " WHERE username = ? AND assochash = ?", {},
+ time, $user, $h);
+}
+
sub check_divert ($) {
my ($r) = @_;
if (exists $r->{Divert}) {
sub check_divert ($) {
my ($r) = @_;
if (exists $r->{Divert}) {
@@
-1121,6
+1139,10
@@
sub check_ok ($) {
$title = $r->_gt('Not logged in');
push @body, $divert->{Message};
push @body, $r->_ch('gen_login_link', $params);
$title = $r->_gt('Not logged in');
push @body, $divert->{Message};
push @body, $r->_ch('gen_login_link', $params);
+ } elsif ($kind =~ m/^STALE/) {
+ $title = $r->_gt('Re-entering secure site.');
+ push @body, $divert->{Message};
+ push @body, $r->_ch('gen_postmainpage_form', $params);
} elsif ($kind =~ m/^MAINPAGEONLY$/) {
$title = $r->_gt('Entering secure site.');
push @body, $divert->{Message};
} elsif ($kind =~ m/^MAINPAGEONLY$/) {
$title = $r->_gt('Entering secure site.');
push @body, $divert->{Message};
@@
-1360,7
+1382,7
@@
sub check_nonpage ($$) {
my ($r, $reqtype) = @_;
$r->_assert_checked();
return unless $r->resource_get_needs_secret_hidden($reqtype);
my ($r, $reqtype) = @_;
$r->_assert_checked();
return unless $r->resource_get_needs_secret_hidden($reqtype);
- return if $r->{ParmT};
+ return if $r->{ParmT}
eq 'y'
;
die "missing hidden secret parameter on nonpage request $reqtype";
}
die "missing hidden secret parameter on nonpage request $reqtype";
}
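Review bot: In `_check_divert_core` (the +910 hunk), the new `$r->_db_update_last($cooku,$parmh)` sits after the `unless ($r->{S}{promise_check_mutate} && $meth eq 'GET')` block, so on the GET path that skips the block `$parmh` has been neither compared with `$cookh` nor checked to have `$parmt eq 'y'`. The UPDATE is then keyed on a request-parameter value that may be missing or may not match the association carried by the cookie; keying it on the cookie-side hash, `$r->_db_update_last($cooku,$cookh);`, would tie the `last` refresh to the same value the POST path insists on (how `$cookh` and `$parmh` are derived is outside the hunk, so this needs confirming). In the +1026 hunk, `_db_update_last` is declared `($$)` but unpacks three arguments, and its comment `# revokes $h if it's valid; no-op if it's not` describes a revocation rather than the `SET last = ?` the body performs. Declaring it `sub _db_update_last ($$$) {` with a comment such as `# refreshes the last-used time of $user's association $h; no-op if no such row` would match the code. `_check_divert_core` starts and ends outside its hunk.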