StayConnected plugin ready (#1131)
TODO: stayconnected parameter in login.tpl, that's all !
This commit is contained in:
parent
cad016c4dd
commit
8a85dfe0c5
@ -32,6 +32,14 @@ has ott => (
|
|||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
|
# Default timeout: 1 month
|
||||||
|
has timeout => (
|
||||||
|
is => 'rw',
|
||||||
|
default => sub {
|
||||||
|
$_[0]->{conf}->{stayConnectedTimeout} || 2678400;
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
$self->addAuthRoute( registerbrowser => 'storeBrowser', ['POST'] );
|
$self->addAuthRoute( registerbrowser => 'storeBrowser', ['POST'] );
|
||||||
@ -40,6 +48,8 @@ sub init {
|
|||||||
|
|
||||||
# RUNNING METHODS
|
# RUNNING METHODS
|
||||||
|
|
||||||
|
# Registration: detect if user wants to stay connected. Then ask for
|
||||||
|
# fingerprint
|
||||||
sub newDevice {
|
sub newDevice {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
|
|
||||||
@ -49,8 +59,6 @@ sub newDevice {
|
|||||||
name => $req->sessionInfo->{ $self->conf->{whatToTrace} }
|
name => $req->sessionInfo->{ $self->conf->{whatToTrace} }
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
print STDERR Data::Dumper::Dumper($token);
|
|
||||||
use Data::Dumper;
|
|
||||||
$req->response(
|
$req->response(
|
||||||
$self->p->sendHtml(
|
$self->p->sendHtml(
|
||||||
$req,
|
$req,
|
||||||
@ -58,6 +66,7 @@ sub newDevice {
|
|||||||
params => {
|
params => {
|
||||||
URL => $req->urldc,
|
URL => $req->urldc,
|
||||||
TOKEN => $token,
|
TOKEN => $token,
|
||||||
|
ACTION => '/registerbrowser',
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
@ -66,6 +75,7 @@ sub newDevice {
|
|||||||
return PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Store datas in a long-time session
|
||||||
sub storeBrowser {
|
sub storeBrowser {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
$req->urldc( $req->param('url') );
|
$req->urldc( $req->param('url') );
|
||||||
@ -76,14 +86,16 @@ sub storeBrowser {
|
|||||||
if ( $tmp->{name} eq $uid ) {
|
if ( $tmp->{name} eq $uid ) {
|
||||||
if ( my $fg = $req->param('fg') ) {
|
if ( my $fg = $req->param('fg') ) {
|
||||||
my $ps = Lemonldap::NG::Common::Session->new(
|
my $ps = Lemonldap::NG::Common::Session->new(
|
||||||
storageModule => $self->conf->{persistentStorage},
|
storageModule => $self->conf->{globalStorage},
|
||||||
storageModuleOptions =>
|
storageModuleOptions =>
|
||||||
$self->conf->{persistentStorageOptions},
|
$self->conf->{globalStorageOptions},
|
||||||
kind => "Persistent",
|
kind => "SSO",
|
||||||
info => {
|
info => {
|
||||||
|
_utime => time + $self->timeout,
|
||||||
_session_uid => $uid,
|
_session_uid => $uid,
|
||||||
_connectedSince => time,
|
_connectedSince => time,
|
||||||
dataKeep => $req->datas->{dataToKeep},
|
dataKeep => $req->datas->{dataToKeep},
|
||||||
|
fingerprint => $fg,
|
||||||
},
|
},
|
||||||
);
|
);
|
||||||
$req->addCookie(
|
$req->addCookie(
|
||||||
@ -115,28 +127,68 @@ sub storeBrowser {
|
|||||||
return $self->p->do( $req, [ sub { PE_OK } ] );
|
return $self->p->do( $req, [ sub { PE_OK } ] );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Check for:
|
||||||
|
# - persistent connection cookie
|
||||||
|
# - valid session
|
||||||
|
# - uniq id is kept
|
||||||
|
# Then delete authentication methods from "steps" array.
|
||||||
sub check {
|
sub check {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
if ( my $cid = $req->cookies->{llngconnexion} ) {
|
if ( my $cid = $req->cookies->{llngconnexion} ) {
|
||||||
my $ps = Lemonldap::NG::Common::Session->new(
|
my $ps = Lemonldap::NG::Common::Session->new(
|
||||||
storageModule => $self->conf->{persistentStorage},
|
storageModule => $self->conf->{globalStorage},
|
||||||
storageModuleOptions => $self->conf->{persistentStorageOptions},
|
storageModuleOptions => $self->conf->{globalStorageOptions},
|
||||||
kind => "Persistent",
|
kind => "SSO",
|
||||||
id => $cid,
|
id => $cid,
|
||||||
);
|
);
|
||||||
# TODO: verify fingerprint
|
if ( $ps and my $uid = $ps->data->{_session_uid} ) {
|
||||||
if ( $ps and my $uid = $ps->data->{uid} ) {
|
$self->logger->debug('Persistent connection found');
|
||||||
|
if ( my $fg = $req->param('fg')
|
||||||
|
and my $token = $req->param('token') )
|
||||||
|
{
|
||||||
|
if ( my $prm = $self->ott->getToken($token) ) {
|
||||||
|
for my $k ( keys %{ $prm->{dataKeep} || {} } ) {
|
||||||
|
$self->logger->debug("Restore $k");
|
||||||
|
$req->set_param( $k, $prm->{$k} );
|
||||||
|
}
|
||||||
|
$self->logger->debug('Persistent connection found');
|
||||||
$req->user($uid);
|
$req->user($uid);
|
||||||
if ( $ps->data->{dataKeep} ) {
|
if ( $ps->data->{dataKeep} ) {
|
||||||
$req->data( $ps->data->{dataKeep} ) :;
|
$req->data( $ps->data->{dataKeep} );
|
||||||
}
|
}
|
||||||
my @steps =
|
my @steps =
|
||||||
grep { !ref $_ or $_ !~ /^(?:extractFormInfo|authenticate)$/ }
|
grep {
|
||||||
@{ $req->steps };
|
!ref $_
|
||||||
|
and $_ !~ /^(?:extractFormInfo|authenticate)$/
|
||||||
|
} @{ $req->steps };
|
||||||
$req->steps( \@steps );
|
$req->steps( \@steps );
|
||||||
$self->userLogger->notice("$uid connected by StayConnected cookie");
|
$self->userLogger->notice(
|
||||||
|
"$uid connected by StayConnected cookie");
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
$self->userLogger->notice(
|
||||||
|
"StayConnected: expired token for $uid");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
my $token = $self->ott->createToken( $req->parameters );
|
||||||
|
$req->response(
|
||||||
|
$self->p->sendHtml(
|
||||||
|
$req,
|
||||||
|
'../common/registerBrowser',
|
||||||
|
params => {
|
||||||
|
TOKEN => $token,
|
||||||
|
ACTION => '#',
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
return PE_SENDRESPONSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$self->userLogger->notice('Persistent connection expired');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<p>Please wait...</p>
|
<p>Please wait...</p>
|
||||||
<form id="form" method="post" action="/registerbrowser">
|
<form id="form" method="post" action="<TMPL_VAR NAME="ACTION">">
|
||||||
<input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
|
<input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
|
||||||
<input type="hidden" name="url" value="<TMPL_VAR NAME="URL">" />
|
<input type="hidden" name="url" value="<TMPL_VAR NAME="URL">" />
|
||||||
<input type="hidden" name="fg" id="fg" value="" />
|
<input type="hidden" name="fg" id="fg" value="" />
|
||||||
|
Loading…
Reference in New Issue
Block a user