authorGuilhem Moulin <guilhem.moulin@fripost.org>2012-09-01 02:55:34 +0200
committerGuilhem Moulin <guilhem.moulin@fripost.org>2012-09-01 02:55:44 +0200
commit0b099273c878e84b5829f7b44eaa77686c2cd587 (patch)
tree1ff5f5e3843d877ea5f545104cc74fa238b79c31
parentcc2eac1dcd3991e036875931fb78c609ff9dbbea (diff)
Use a Berkeley DB to store the sessions.
-rw-r--r--INSTALL1
-rw-r--r--lib/FPanel/Login.pm24
2 files changed, 16 insertions, 9 deletions
diff --git a/INSTALL b/INSTALL
index ef51895..3346e98 100644
--- a/INSTALL
+++ b/INSTALL
@@ -3,3 +3,4 @@ libcgi-application-plugin-authentication-perl
libcgi-application-plugin-config-simple-perl
libcgi-application-server-perl libhtml-template-pro-perl
libyaml-syck-perl
+libfreezethaw-perl
diff --git a/lib/FPanel/Login.pm b/lib/FPanel/Login.pm
index 8f0af21..332a380 100644
--- a/lib/FPanel/Login.pm
+++ b/lib/FPanel/Login.pm
@@ -22,29 +22,35 @@ sub cgiapp_init {
my $self = shift;
$self->session_config(
- # TODO: Use a Berkeley DB instead
- CGI_SESSION_OPTIONS => [ 'driver:File'
+ CGI_SESSION_OPTIONS => [ 'driver:DB_File;serializer:freezethaw'
, $self->query
- , { Directory => '/tmp/fpanel-cgisess' }
+ , { FileName => '/tmp/fpanel-cgisessions.db',
+ UMask => 0600 }
+ , { name => 'FripostAdminPanel_SessAuth' }
],
DEFAULT_EXPIRY => '+24h',
- COOKIE_PARAMS => { -path => '/index.cgi/'
+ COOKIE_PARAMS => { -name => 'FripostAdminPanel_SessAuth'
+ , -path => '/index.cgi/'
+ # Expires when the browser quits
+ , -expires => -1
+ ,'-max-age' => -1
+ # TODO: Turn the secure flag for HTTPS connections
+ , -secure => 0
+ # We are not using JavaScript in this framework
, -httponly => 1
-# # TODO: Turn the secure flag for HTTPS connections
- , -secure => 0
},
- SEND_COOKIE => 1,
+ SEND_COOKIE => 1,
);
# Configure authentication parameters
$self->authen->config(
DRIVER => [ 'Generic'
- , \&authenticate ],
+ , sub { &authenticate(@_) } ],
STORE => 'Session',
- LOGOUT_RUNMODE => 'logout',
LOGIN_RUNMODE => 'login',
RENDER_LOGIN => \&login_box,
LOGIN_SESSION_TIMEOUT => { IDLE_FOR => '30m' },
+ LOGOUT_RUNMODE => 'logout',
);
# The run modes that require authentication
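Review bot: The new `FileName => '/tmp/fpanel-cgisessions.db'` puts the session store at a fixed name in a world-writable directory, and with `STORE => 'Session'` further down in this hunk that file also carries the login state. `UMask => 0600` only helps when this process is the one that creates the file; if the name already exists (created first by another local account, or a link), the driver will presumably open whatever is there and pass it to the freezethaw deserializer. I would move it to a directory that only the web-server user can write, e.g. `FileName => '<app-private-state-dir>/cgisessions.db'`, and create that directory with mode 0700 at install time. Separately, `-secure => 0` is carried over with its TODO, so the `FripostAdminPanel_SessAuth` cookie still travels over plain HTTP; it should become `-secure => 1` as soon as the panel is served over HTTPS. cgiapp_init continues past the end of the hunk.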