diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-07 06:57:40 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-07 06:57:40 +0000 |
| commit | 3c8bf664ba66bfcf8345cdc6c0eee7b5b6eae40d (patch) | |
| tree | 6249e39ebb950df7d26aefa24e59660cf9b0ab94 /LedgerSMB | |
| parent | 10797430c4c1f51dd6dc0b63207c8e0c1383ae37 (diff) | |
Authetication now works as far as the root document
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1714 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'LedgerSMB')
| -rwxr-xr-x | LedgerSMB/Session/DB.pm | 17 | ||||
| -rw-r--r-- | LedgerSMB/User.pm | 37 |
2 files changed, 6 insertions, 48 deletions
diff --git a/LedgerSMB/Session/DB.pm b/LedgerSMB/Session/DB.pm index 145e1476..4938b560 100755 --- a/LedgerSMB/Session/DB.pm +++ b/LedgerSMB/Session/DB.pm @@ -135,24 +135,22 @@ sub session_check { sub session_create { my ($lsmb) = @_; - my $lsmb; use Time::HiRes qw(gettimeofday); + my $dbh = $lsmb->{dbh}; + my $login = $lsmb->{login}; #microseconds are more than random enough for transaction_id my ( $ignore, $newTransactionID ) = gettimeofday(); $newTransactionID = int $newTransactionID; - if ( !$ENV{HTTP_HOST} ) { + if ( !$ENV{GATEWAY_INTERFACE} ) { #don't create cookies or sessions for CLI use return 1; } - # use the central database handle - my $dbh = $lsmb->{dbh}; - # TODO Change this to use %myconfig my $deleteExisting = $dbh->prepare( "DELETE @@ -160,7 +158,6 @@ sub session_create { WHERE session.users_id = (select id from users where username = ?) AND age(last_used) > ?::interval" ); - my $seedRandom = $dbh->prepare("SELECT setseed(?);"); my $fetchSequence = @@ -181,14 +178,12 @@ sub session_create { my $auth = $ENV{HTTP_AUTHORIZATION}; $auth =~ s/^Basic //i; - my ($login, undef) = split(/:/, MIME::Base64::decode($auth)); - $login =~ s/[^a-zA-Z0-9._+\@'-]//g; #delete any existing stale sessions with this login if they exist - if ( $lsmb->{timeout} ) { + if ( !$lsmb->{timeout} ) { $lsmb->{timeout} = 86400; } - + print STDERR "Breakpoint\n"; $deleteExisting->execute( $login, "$lsmb->{timeout} seconds" ) || $lsmb->dberror( __FILE__ . ':' . __LINE__ . ': Delete from session: ' ); @@ -218,7 +213,7 @@ sub session_create { my $newCookieValue = $newSessionID . ':' . $newTransactionID . ':' . $lsmb->{company}; - + print STDERR "Breakpoint\n"; #now set the cookie in the browser #TODO set domain from ENV, also set path to install path print qq|Set-Cookie: LedgerSMB=$newCookieValue; path=/;\n|; diff --git a/LedgerSMB/User.pm b/LedgerSMB/User.pm index 41aa0dcd..6107cfcb 100644 --- a/LedgerSMB/User.pm +++ b/LedgerSMB/User.pm @@ -190,43 +190,6 @@ sub fetch_config { # AND u.id = uc.id;" # ); - my $fetchUserSettings = $dbh->prepare(" - SELECT - u.username, - uc.dbname, - uc.port, - uc.host - - FROM users u - JOIN user_connection uc ON uc.user_id = u.id - WHERE u.username = ? - "); - - $fetchUserSettings->execute($login); - - #$fetchUserPrefs->execute($login); - - my $userHashRef = $fetchUserSettings->fetchrow_hashref; - if ( !$userHashRef ) { - &error( $self, "Access Denied" ); - } - - while ( my ( $key, $value ) = each( %{$userHashRef} ) ) { - $myconfig{$key} = $value; - } - - chomp( $myconfig{'port'} ); - chomp( $myconfig{'dbname'} ); - chomp( $myconfig{'host'} ); - - $myconfig{'login'} = $login; - $myconfig{'dbconnect'} = - 'dbi:Pg:dbname=' - . $myconfig{'dbname'} - . ';host=' - . $myconfig{'host'} - . ';port=' - . $myconfig{'port'}; return \%myconfig; } |