aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--INSTALL1
-rw-r--r--lib/FPanel/Login.pm24
2 files changed, 16 insertions, 9 deletions
diff --git a/INSTALL b/INSTALL
index ef51895..3346e98 100644
--- a/INSTALL
+++ b/INSTALL
@@ -3,3 +3,4 @@ libcgi-application-plugin-authentication-perl
libcgi-application-plugin-config-simple-perl
libcgi-application-server-perl libhtml-template-pro-perl
libyaml-syck-perl
+libfreezethaw-perl
diff --git a/lib/FPanel/Login.pm b/lib/FPanel/Login.pm
index 8f0af21..332a380 100644
--- a/lib/FPanel/Login.pm
+++ b/lib/FPanel/Login.pm
@@ -22,29 +22,35 @@ sub cgiapp_init {
my $self = shift;
$self->session_config(
- # TODO: Use a Berkeley DB instead
- CGI_SESSION_OPTIONS => [ 'driver:File'
+ CGI_SESSION_OPTIONS => [ 'driver:DB_File;serializer:freezethaw'
, $self->query
- , { Directory => '/tmp/fpanel-cgisess' }
+ , { FileName => '/tmp/fpanel-cgisessions.db',
+ UMask => 0600 }
+ , { name => 'FripostAdminPanel_SessAuth' }
],
DEFAULT_EXPIRY => '+24h',
- COOKIE_PARAMS => { -path => '/index.cgi/'
+ COOKIE_PARAMS => { -name => 'FripostAdminPanel_SessAuth'
+ , -path => '/index.cgi/'
+ # Expires when the browser quits
+ , -expires => -1
+ ,'-max-age' => -1
+ # TODO: Turn the secure flag for HTTPS connections
+ , -secure => 0
+ # We are not using JavaScript in this framework
, -httponly => 1
-# # TODO: Turn the secure flag for HTTPS connections
- , -secure => 0
},
- SEND_COOKIE => 1,
+ SEND_COOKIE => 1,
);
# Configure authentication parameters
$self->authen->config(
DRIVER => [ 'Generic'
- , \&authenticate ],
+ , sub { &authenticate(@_) } ],
STORE => 'Session',
- LOGOUT_RUNMODE => 'logout',
LOGIN_RUNMODE => 'login',
RENDER_LOGIN => \&login_box,
LOGIN_SESSION_TIMEOUT => { IDLE_FOR => '30m' },
+ LOGOUT_RUNMODE => 'logout',
);
# The run modes that require authentication