New feature in Portal: existing sessions are now examined and a new sub
`existingSession' is called if a previous session has been found.
This commit is contained in:
parent
643a9ad3b6
commit
d57de94078
|
@ -1,5 +1,8 @@
|
||||||
Revision history for Perl extension Lemonldap::NG::Portal.
|
Revision history for Perl extension Lemonldap::NG::Portal.
|
||||||
|
|
||||||
|
0.61 Sun Feb 11 9:10:12
|
||||||
|
- Existing sessions are now checked
|
||||||
|
|
||||||
0.5 Tue Dec 19 19:11:15
|
0.5 Tue Dec 19 19:11:15
|
||||||
- config is now shared with Lemonldap::NG::Manager::Conf
|
- config is now shared with Lemonldap::NG::Manager::Conf
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Portal;
|
||||||
|
|
||||||
print STDERR
|
print STDERR
|
||||||
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
|
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
|
||||||
our $VERSION = "0.6";
|
our $VERSION = "0.61";
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
||||||
|
@ -271,7 +271,7 @@ L<Lemonldap::NG::Portal::Simple>. It's the more used module.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<Lemonldap::NG::Portal::SharedConf>,
|
L<Lemonldap::NG::Portal::SharedConf>, L<Lemonldap::NG::Portal::Simple>
|
||||||
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Manager>
|
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Manager>
|
||||||
|
|
||||||
=head1 AUTHOR
|
=head1 AUTHOR
|
||||||
|
|
|
@ -9,12 +9,14 @@ use Net::LDAP;
|
||||||
use warnings;
|
use warnings;
|
||||||
use MIME::Base64;
|
use MIME::Base64;
|
||||||
use CGI;
|
use CGI;
|
||||||
|
use CGI::Cookie;
|
||||||
|
|
||||||
our $VERSION = '0.5';
|
our $VERSION = '0.61';
|
||||||
|
|
||||||
our @ISA = qw(CGI Exporter);
|
our @ISA = qw(CGI Exporter);
|
||||||
|
|
||||||
# Constants
|
# Constants
|
||||||
|
sub PE_DONE { -1 }
|
||||||
sub PE_OK { 0 }
|
sub PE_OK { 0 }
|
||||||
sub PE_SESSIONEXPIRED { 1 }
|
sub PE_SESSIONEXPIRED { 1 }
|
||||||
sub PE_FORMEMPTY { 2 }
|
sub PE_FORMEMPTY { 2 }
|
||||||
|
@ -41,7 +43,6 @@ our %EXPORT_TAGS = (
|
||||||
|
|
||||||
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
|
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
|
||||||
|
|
||||||
# TODO: remove this... and test !
|
|
||||||
our @EXPORT =
|
our @EXPORT =
|
||||||
qw( PE_OK PE_SESSIONEXPIRED PE_FORMEMPTY PE_WRONGMANAGERACCOUNT PE_USERNOTFOUND PE_BADCREDENTIALS
|
qw( PE_OK PE_SESSIONEXPIRED PE_FORMEMPTY PE_WRONGMANAGERACCOUNT PE_USERNOTFOUND PE_BADCREDENTIALS
|
||||||
PE_LDAPCONNECTFAILED PE_LDAPERROR PE_APACHESESSIONERROR PE_FIRSTACCESS PE_BADCERTIFICATE import );
|
PE_LDAPCONNECTFAILED PE_LDAPERROR PE_APACHESESSIONERROR PE_FIRSTACCESS PE_BADCERTIFICATE import );
|
||||||
|
@ -178,7 +179,8 @@ sub process {
|
||||||
else {
|
else {
|
||||||
last if ( $self->{error} = $self->$sub );
|
last if ( $self->{error} = $self->$sub );
|
||||||
}
|
}
|
||||||
} return ( $self->{error} ? 0 : 1 );
|
}
|
||||||
|
return ( ( $self->{error} > 0 ) ? 0 : 1 );
|
||||||
}
|
}
|
||||||
|
|
||||||
# 1. If the user was redirected here, we have to load 'url' parameter
|
# 1. If the user was redirected here, we have to load 'url' parameter
|
||||||
|
@ -197,6 +199,48 @@ sub controlUrlOrigin {
|
||||||
# - nothing: user is authenticated and process
|
# - nothing: user is authenticated and process
|
||||||
# returns true
|
# returns true
|
||||||
sub controlExistingSession {
|
sub controlExistingSession {
|
||||||
|
my $self = shift;
|
||||||
|
my %cookies = fetch CGI::Cookie;
|
||||||
|
# Test if Lemonldap::NG cookie is available
|
||||||
|
if ( my $id = $cookies{$self->{cookieName}}) {
|
||||||
|
my $h;
|
||||||
|
# Trying to recover session from global session storage
|
||||||
|
eval {
|
||||||
|
tie $h, $self->{globalStorage}, $id, $self->{globalStorageOptions};
|
||||||
|
};
|
||||||
|
if ( $@ or not tied($h) ) {
|
||||||
|
# Session not available (expired ?)
|
||||||
|
print STDERR "Session $id isn't yet available ($ENV{REMOTE_ADDR})";
|
||||||
|
return PE_OK;
|
||||||
|
}
|
||||||
|
# A session has been find => calling &existingSession
|
||||||
|
my $r;
|
||||||
|
if ( $self->{existingSession} ) {
|
||||||
|
$r = &{ $self->{existingSession} }($self, $id, \$h)
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$r = $self->existingSession($id, \$h);
|
||||||
|
}
|
||||||
|
if ( $r == PE_DONE) {
|
||||||
|
for my $sub qw(log autoRedirect) {
|
||||||
|
if ( $self->{$sub} ) {
|
||||||
|
last if ( $self->{error} = &{ $self->{$sub} }($self) );
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
last if ( $self->{error} = $self->$sub );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $self->{error} || PE_DONE;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return $r;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
PE_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub existingSession {
|
||||||
|
my ($self, $id, $datas) = @_;
|
||||||
PE_OK;
|
PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -518,7 +562,16 @@ used to redirect the user after authentication.
|
||||||
|
|
||||||
=head3 controlExistingSession
|
=head3 controlExistingSession
|
||||||
|
|
||||||
Controls if a previous session is always available.
|
Controls if a previous session is always available. If true, it call the sub
|
||||||
|
C<existingSession> with two parameters: id and a scalar tied on Apache::Session
|
||||||
|
module choosed to store sessions. See bellow
|
||||||
|
|
||||||
|
=head3 existingSession
|
||||||
|
|
||||||
|
This sub is called only if a previous session exists and is available. By
|
||||||
|
defaults, it returns PE_OK so user is re-authenticated. You can overload it:
|
||||||
|
for example if existingSession just returns PE_DONE: authenticated users are
|
||||||
|
not re-authenticated and C<>process> returns true.
|
||||||
|
|
||||||
=head3 extractFormInfo
|
=head3 extractFormInfo
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user