X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=blobdiff_plain;f=cgi-auth-hybrid.pm;h=6d2838764ea5f477a8ed66e59b58e02e91d84e4c;hp=83ee4198ba2d72734eba4dc03f82d2430b3e5900;hb=b2d0c9b920f19f5fd913686e243fc66cd1e53b53;hpb=9810fb59419d20567ba6344aad1bbfbda3c7402c
diff --git a/cgi-auth-hybrid.pm b/cgi-auth-hybrid.pm
index 83ee419..6d28387 100644
--- a/cgi-auth-hybrid.pm
+++ b/cgi-auth-hybrid.pm
@@ -61,7 +61,7 @@ sub new_verifier {
 logout_param_names => [qw(logout)],
 promise_check_mutate => 0,
 get_param => sub { $_[0]->param($_[2]) },
- get_cookie => sub { $_[0]->cookie($s->{S}{cookie_name}) },
+ get_cah_cookie => sub { $_[0]->cookie($s->{S}{cookie_name}) },
 get_method => sub { $_[0]->request_method() },
 is_login => sub { defined $_[1]->_rp('password_param_name') },
 login_ok => sub { die },
@@ -132,7 +132,7 @@ sub _ch ($$@) { # calls an application hook
 sub _rp ($$@) {
 my ($r,$pnvb) = @_;
- my $pn = $r->{S}{"${pnvb}_param_name"};
+ my $pn = $r->{S}{$pnvb};
 my $p = $r->_ch('get_param',$pn)
 }
@@ -161,7 +161,7 @@ sub _rp ($$@) {
 # no) cookie.
 # Case analysis, cookie mode, app promises re mutate:
- # cook par meth form
+ # cook parm meth form
 #
 # any - POST nrmuoi bug or attack, fail
 # any - GET rmuoi bug or attack, fail
@@ -177,13 +177,13 @@ sub _rp ($$@) {
 #
 # - t POST i complain about cookies being disabled
 #
- # - n POST i complain about stale login form
+ # any n POST i complain about stale login form
 # show new login form
 #
- # x1 x2 POST i login (or switch user)
- # revoke x1 if it was valid and !=x2
- # upgrade x2 to y2 in our db (setting username)
- # set cookie to x2
+ # x1 t2 POST i login (or switch user)
+ # revoke x1 if it was valid and !=t2
+ # upgrade t2 to y2 in our db (setting username)
+ # set cookie to t2
 # redirect to GET of remaining params
 #
 # t1 a2 ANY nrmu treat as - a2 ANY
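Review bot: In the `_rp` hunk, indexing `$r->{S}` with the caller's key verbatim means a misspelt or unset settings key yields an undef `$pn` that is passed straight to the `get_param` hook, so a hook such as the default `is_login` would quietly report "not a login" instead of failing; a guard after the lookup, `die "unknown param-name setting: $pnvb" unless defined $pn;`, keeps a configuration slip from being read as an authentication outcome. Every caller must now pass the full settings key rather than the old bare prefix (the `is_login` default in the first hunk already does), which deserves a comment on the sub, e.g. `# $pnvb is the full settings key, e.g. 'password_param_name'`. The `($$@)` prototype is ignored on method calls and so documents nothing here, and `my $p = ...` as the last statement relies on the implicit return of an assignment; a plain `return $r->_ch('get_param',$pn);` says what is meant.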
@@ -232,6 +232,38 @@ sub _rp ($$@) {
 # -/n n POST nrmu user not logged in
 # fail
+sub check_divert ($) {
+ my ($r) = @_;
+
+ my $cookv = $r->_ch('get_cah_cookie');
+ my $parmv = $r->_rp('assoc_param_name');
+
+ my $cookt = $r->_db_lookup($cookv);
+ my $parmt = $r->_db_lookup($parmv);
+
+ if ($r->_ch('is_logout')) {
+ $r->_must_be_post();
+ die unless $parmt;
+ $r->_db_perhaps_revoke($cookv);
+ $r->_db_perhaps_revoke($parmv);
+ return 'LOGOUT';
+ }
+ if ($r->_ch('is_login')) {
+ return 'NOCOOKIE' if !$cookt && $parmt eq 't';
+ return 'LOGIN-STALE' if $parmt eq 'n';
+ $r->_db_perhpa
+ my $username = $r->_ch('login_ok');
+ return 'LOGIN-BAD' unless defined $username && length $username;
+ $r->_db_
+
+ }
+
+ $r->_will_set_cookie('');
+
+ }
+
+ UP TO HERE
 sub _check_core ($) {