135 lines
3.2 KiB
Perl
135 lines
3.2 KiB
Perl
##@class Lemonldap::NG::Portal::Main::Run
|
|
# Serve request part of Lemonldap::NG portal
|
|
#
|
|
# Methods:
|
|
# - handler(): verify that portal configuration is the same that the
|
|
# underlying handler configuration before launching
|
|
# Lemonldap::NG::Common::PSGI::Router::handler() (which parse
|
|
# routes)
|
|
#
|
|
# Entry points:
|
|
# - "/test": - authenticated() for already authenticated users
|
|
# - pleaseAuth() for others
|
|
# - "/": - login() ~first access
|
|
# - postLogin(), same for POST requests
|
|
# - authenticatedRequest() for authenticated users
|
|
package Lemonldap::NG::Portal::Main::Run;
|
|
|
|
use strict;
|
|
use Mouse;
|
|
use Lemonldap::NG::Portal::Main::Constants;
|
|
use Lemonldap::NG::Portal::Main::Request;
|
|
|
|
our $VERSION = '2.0.0';
|
|
|
|
sub handler {
|
|
my ( $self, $req ) = shift;
|
|
unless ($self->conf->{cfgNum}
|
|
and $self->conf->{cfgNum} eq HANDLER->lmConf->{cfgNum} )
|
|
{
|
|
$self->reloadConf();
|
|
}
|
|
bless $req, 'Lemonldap::NG::Portal::Main::Request';
|
|
return $self->SUPER::handler($req);
|
|
}
|
|
|
|
# CORE REST API
|
|
|
|
# Methods that handle /test
|
|
sub authenticated {
|
|
my ( $self, $req ) = @_;
|
|
return $self->sendJSONresponse( $req, { status => 1 } );
|
|
}
|
|
|
|
sub pleaseAuth {
|
|
my ( $self, $req ) = @_;
|
|
return $self->sendJSONresponse( $req, { status => 0 } );
|
|
}
|
|
|
|
# MAIN ENTRY POINTS
|
|
|
|
# List constants
|
|
sub authProcess { qw(extractFormInfo getUser authenticate) }
|
|
|
|
sub sessionDatas {
|
|
qw(setSessionInfo setMacros setGroups setPersistentSessionInfo
|
|
setLocalGroups store buildCookie);
|
|
}
|
|
|
|
sub login {
|
|
my ( $self, $req ) = @_;
|
|
return $req->do(
|
|
$req,
|
|
[
|
|
'controlUrl', @{ $self->beforeAuth },
|
|
&authProcess, @{ $self->betweenAuthAndDatas },
|
|
&sessionDatas, @{ $self->afterdatas },
|
|
]
|
|
);
|
|
}
|
|
|
|
sub postLogin {
|
|
my ( $self, $req ) = @_;
|
|
return $req->do(
|
|
$req,
|
|
[
|
|
'restoreArgs', 'controlUrl' @{ $self->beforeAuth },
|
|
&authProcess, @{ $self->betweenAuthAndDatas },
|
|
&sessionDatas, @{ $self->afterdatas },
|
|
]
|
|
);
|
|
}
|
|
|
|
sub authenticatedRequest {
|
|
my ( $self, $req ) = @_;
|
|
return $req->do( $req, $self->forAuthUser );
|
|
}
|
|
|
|
sub do {
|
|
my ( $self, $req, $steps ) = @_;
|
|
$req->steps($steps);
|
|
my $err = $self->process($req);
|
|
|
|
# TODO: updateStatus
|
|
if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) {
|
|
if ( $err > 0 ) {
|
|
return [
|
|
401,
|
|
[
|
|
'WWW-Authenticate' => "SSO " . $self->conf->{portal},
|
|
'Access-Control-Allow-Origin' => '*'
|
|
],
|
|
[]
|
|
];
|
|
}
|
|
else {
|
|
return $self->senfJSONresponse(
|
|
{ result => 1, message => 'Authenticated' } );
|
|
}
|
|
}
|
|
else {
|
|
if ($err) {
|
|
return $self->sendHtml( $req, $req->template || 'login' );
|
|
}
|
|
else {
|
|
return $self->autoRedirect($req);
|
|
}
|
|
}
|
|
}
|
|
|
|
sub process {
|
|
my ( $self, $req ) = @_;
|
|
|
|
#$req->error(PE_OK);
|
|
my $err = PE_OK;
|
|
while ( my $sub = shift @{ $req->steps } ) {
|
|
last if ( $err = $self->$sub($req) );
|
|
}
|
|
return $err;
|
|
}
|
|
|
|
# TODO in run
|
|
# - mustRedirect
|
|
|
|
1;
|