From 5800c9b719b18dc727171cf66b8dcd410b18b434 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Sun, 28 Oct 2012 20:32:30 +0000
Subject: [PATCH] wip verifier / request obj split

---
 cgi-auth-hybrid.pm | 106 +++++++++++++++++++++++++++------------------
 1 file changed, 63 insertions(+), 43 deletions(-)

diff --git a/cgi-auth-hybrid.pm b/cgi-auth-hybrid.pm
index bf2bdd6..76342e4 100644
--- a/cgi-auth-hybrid.pm
+++ b/cgi-auth-hybrid.pm
@@ -32,7 +32,9 @@ our @EXPORT_OK;
 use DBI;
 use CGI;
 
-sub new {
+#---------- verifier object methods ----------
+
+sub new_verifier {
     my $class = shift;
     my $s = {
 	S => {
@@ -46,12 +48,11 @@ sub new {
 	    login_timeout => 86400, # seconds
 	    param_name => 'cah_associd',
 	    cookie_name => 'cah_associd', # make undef to disable cookie
-	    cgi => undef,
-	    get_param => sub { $s->_c()->param($s->{S}{param_name}) },
+	    get_param => sub { $_[0]->param($s->{S}{param_name}) },
 	    get_cookie => sub { $s->{S}{cookie_name}
-				? $s->_c()->cookie($s->{S}{cookie_name})
+				? $_[0]->cookie($s->{S}{cookie_name})
 				: '' },
-	    get_method => sub { $s->_c()->request_method() },
+	    get_method => sub { $_[0]->request_method() },
 	},
 	D => undef,
     };
@@ -61,14 +62,10 @@ sub new {
 	$s->{S}{$k} = $v;
     }
     bless $s, $class;
+    $s->_dbopen();
     return $s;
 }
 
-sub _c ($) {
-    my ($s) = @_;
-    return $s->{S}{cgi};
-}
-
 sub _dbopen ($) {
     my ($s) = @_;
     my $dbh = $s->{D};
@@ -96,93 +93,116 @@ sub _dbopen ($) {
     return $dbh;
 }
 
+#---------- request object methods ----------
+
+sub new_request {
+    my ($classbase, $cgi, @extra) = @_;
+    if (!ref $classbase) {
+	$classbase = $classbase->new_verifier(@extra);
+    } else {
+	die if @extra;
+    }
+    my $r = {
+	S => $classbase->{S},
+	D => $classbase->{D},
+	C => $cgi,
+    };
+    bless $r, ref $classbase;
+}
+
+sub _cm ($$@) {
+    my ($r,$methname, @args) = @_;
+    my $methfunc = $r->{S}{$methname};
+    return $methfunc->($r->{C}, $r, @args);
+}
+
 sub record_login ($$) {
-    my ($s,$nusername) = @_;
-    my $rsp = $s->{S}{random_source};
+    my ($r,$nusername) = @_;
+    my $rsp = $r->{S}{random_source};
     my $rsf = new IO::File $rsp, '<' or die "$rsp $!";
-    my $bytes = ($s->{S}{associdlen} + 7) >> 3;
+    my $bytes = ($r->{S}{associdlen} + 7) >> 3;
     my $nassocbin;
     $!=0;
     read($rsf,$nassocbin,$bytes) == $bytes or die "$rsp $!";
     close $rsf;
     my $nassoc = unpack "H*", $nassocbin;
-    my $dbh = $s->_dbopen();
-    $dbh->do("INSERT INTO $s->{S}{assocdb_table}".
+    my $dbh = $r->{D};
+    $dbh->do("INSERT INTO $r->{S}{assocdb_table}".
 	     " (associd, username, last) VALUES (?,?,?)", {},
 	     $nassoc, $nusername, time);
     $dbh->do("COMMIT");
-    $s->{U} = $nusername;
-    $s->{A} = $nassoc;
+    $r->{U} = $nusername;
+    $r->{A} = $nassoc;
 }
 
 sub _check ($) {
-    my ($s) = @_;
-    my $qassoc = $s->{S}{param_get}();
+    my ($r) = @_;
+    my $qassoc = $r->_cm('get_param');
     if (!defined $qassoc) {
-	$qassoc = $s->{S}{cookie_get}();
+	$qassoc = $r->_cm('get_cookie');
 	return undef unless defined $qassoc;
-	return undef unless $s->{S}{get_method}() eq 'GET';
+	return undef unless $r->_cm('get_method') eq 'GET';
     }
-    my $dbh = $s->_dbopen();
+    my $dbh = $r->_dbopen();
     my ($nusername, $nlast) =
 	$dbh->selectrow_array("SELECT username, last".
-			      " FROM $s->{S}{assocdb_table}".
+			      " FROM $r->{S}{assocdb_table}".
 			      " WHERE associd = ?", {}, $qassoc);
     return undef unless defined $nusername;
-    my $timeout = $s->{S}{login_timeout};
+    my $timeout = $r->{S}{login_timeout};
     return undef unless !defined $timeout || time <= $nlast + $timeout;
 
     return ($nusername, $qassoc);
 }
 
 sub check ($) {
-    my ($s) = @_;
+    my ($r) = @_;
 
-    my ($nusername, $qassoc) = $s->_check() or return undef;
+    my ($nusername, $qassoc) = $r->_check() or return undef;
 
     # hooray
-    $dbh->do("UPDATE $s->{S}{assocdb_table}".
+    $dbh->do("UPDATE $r->{S}{assocdb_table}".
 	     " SET last = ?".
 	     " WHERE associd = ?", {}, time, $qassoc);
     $dbh->do("COMMIT");
 
-    $s->{U} = $nusername;
-    $s->{A} = $qassoc;
+    $r->{U} = $nusername;
+    $r->{A} = $qassoc;
     return $username;
 }
 
 sub logout ($) {
-    my ($s) = @_;
+    my ($r) = @_;
 
-    if (my ($nusername, $qassoc) = $s->_check()) {
-	$dbh->do("DELETE FROM $s->{S}{assocdb_table}".
+    if (my ($nusername, $qassoc) = $r->_check()) {
+	$dbh->do("DELETE FROM $r->{S}{assocdb_table}".
 		 " WHERE associd = ?", {}, $qassoc);
 	$dbh->do("COMMIT");
     }
 }
 
 sub username ($) {
-    my ($s) = @_;
-    return $s->{U};
+    my ($r) = @_;
+    return $r->{U};
 
 sub hiddenv ($) {
-    my ($s) = @_;
-    return defined $s->{A} ? $s->{A} : '';
+    my ($r) = @_;
+    return defined $r->{A} ? $r->{A} : '';
 }
 
 sub hiddena ($) {
-    my ($s) = @_;
-    return (-name => $s->{param_name},
-	    -default => $s->hiddenv());
+    my ($r) = @_;
+    return (-name => $r->{param_name},
+	    -default => $r->hiddenv());
 }
 
 sub hiddenh ($) {
-    my ($s) = @_;
-    return hidden($s->hiddena());
+    my ($r) = @_;
+    return hidden($r->hiddena());
 }
 
 sub cookieac ($) {
-    my ($s) = @_;
-    return (-name => $s->{cookie_name},
+    my ($r) = @_;
+    return (-name => $r->{cookie_name},
 	    -value => hiddenv());
 	    
-- 
2.30.2