limit session timeout and write sessions to sub temp dir

This commit is contained in:
Milan
2019-03-02 16:03:24 +01:00
parent 8776fc1652
commit 88a52dd674


@@ -16,7 +16,7 @@ use time();
use base 'Exporter'; use base 'Exporter';
our @EXPORT_OK = qw(get_user login logout crypt_password); our @EXPORT_OK = qw(get_user login logout crypt_password);
my $defaultExpiration = 60; my $defaultExpiration = 60;
my $tmp_dir = '/var/tmp/'; my $tmp_dir = '/var/tmp/calcms-session';
my $debug = 0; my $debug = 0;
sub debug; sub debug;
@@ -158,12 +158,14 @@ sub delete_cookie {
} }
#read and write server-side session data #read and write server-side session data
# expiration is in seconds
sub create_session { sub create_session {
my $user = shift; my $user = shift;
my $password = shift; my $password = shift;
my $expiration = shift; my $expiration = shift;
debug("create_session") if $debug; debug("create_session") if $debug;
mkdir $tmp_dir unless -e $tmp_dir;
my $session = CGI::Session->new( undef, undef, { Directory => $tmp_dir } ); my $session = CGI::Session->new( undef, undef, { Directory => $tmp_dir } );
$session->expire($expiration); $session->expire($expiration);
$session->param( "user", $user ); $session->param( "user", $user );
@@ -176,7 +178,7 @@ sub read_session {
my $session_id = shift; my $session_id = shift;
debug("read_session") if $debug; debug("read_session") if $debug;
return undef unless ( defined $session_id ); return undef unless defined $session_id;
debug("read_session2") if $debug; debug("read_session2") if $debug;
my $session = CGI::Session->new( undef, $session_id, { Directory => $tmp_dir } ); my $session = CGI::Session->new( undef, $session_id, { Directory => $tmp_dir } );
@@ -217,19 +219,13 @@ sub authenticate {
}; };
my $bind_values = [$user]; my $bind_values = [$user];
#print STDERR "query:".Dumper($query).Dumper($bind_values);
my $users = db::get( $dbh, $query, $bind_values ); my $users = db::get( $dbh, $query, $bind_values );
#print STDERR "result:".Dumper($users);
if ( scalar(@$users) != 1 ) { if ( scalar(@$users) != 1 ) {
print STDERR "auth: did not find user '$user'\n"; print STDERR "auth: did not find user '$user'\n";
return undef; return undef;
} }
#print STDERR Dumper($users);
my $salt = $users->[0]->{salt}; my $salt = $users->[0]->{salt};
my $ppr = Authen::Passphrase::BlowfishCrypt->from_crypt( $users->[0]->{pass}, $users->[0]->{salt} ); my $ppr = Authen::Passphrase::BlowfishCrypt->from_crypt( $users->[0]->{pass}, $users->[0]->{salt} );
@@ -239,9 +235,9 @@ sub authenticate {
return undef; return undef;
} }
# timeout in seconds
my $timeout = $users->[0]->{session_timeout} || 120; my $timeout = $users->[0]->{session_timeout} || 120;
$timeout = 10 if $timeout < 10; $timeout = 60 if $timeout < 60;
$timeout = 12 * 60 if $timeout > 12 * 60;
return { return {
timeout => $timeout, timeout => $timeout,
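Review bot: The `mkdir $tmp_dir unless -e $tmp_dir;` added at the top of create_session creates `/var/tmp/calcms-session` with the umask-derived default mode inside a world-writable directory and never checks the result, so another local user who pre-creates that path (or leaves a plain file there) gets the session files — which carry at least the user name, and `$password` is also in scope here though whether it is stored is outside the hunk — written into a location they own, and the `-e` test will not notice. Create it restrictively, fail loudly, and refuse a directory this process does not own: `mkdir $tmp_dir, 0700 or die "cannot create $tmp_dir: $!" unless -d $tmp_dir;` followed by `die "$tmp_dir is not owned by this process" unless -o $tmp_dir;`. Whether the individual session files are themselves created with a private mode depends on CGI::Session's file driver defaults, which are not visible in this diff and should be confirmed. The body of create_session continues past the end of its hunk.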