From 0b099273c878e84b5829f7b44eaa77686c2cd587 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 1 Sep 2012 02:55:34 +0200 Subject: Use a Berkeley DB to store the sessions. --- INSTALL | 1 + lib/FPanel/Login.pm | 24 +++++++++++++++--------- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/INSTALL b/INSTALL index ef51895..3346e98 100644 --- a/INSTALL +++ b/INSTALL @@ -3,3 +3,4 @@ libcgi-application-plugin-authentication-perl libcgi-application-plugin-config-simple-perl libcgi-application-server-perl libhtml-template-pro-perl libyaml-syck-perl +libfreezethaw-perl diff --git a/lib/FPanel/Login.pm b/lib/FPanel/Login.pm index 8f0af21..332a380 100644 --- a/lib/FPanel/Login.pm +++ b/lib/FPanel/Login.pm @@ -22,29 +22,35 @@ sub cgiapp_init { my $self = shift; $self->session_config( - # TODO: Use a Berkeley DB instead - CGI_SESSION_OPTIONS => [ 'driver:File' + CGI_SESSION_OPTIONS => [ 'driver:DB_File;serializer:freezethaw' , $self->query - , { Directory => '/tmp/fpanel-cgisess' } + , { FileName => '/tmp/fpanel-cgisessions.db', + UMask => 0600 } + , { name => 'FripostAdminPanel_SessAuth' } ], DEFAULT_EXPIRY => '+24h', - COOKIE_PARAMS => { -path => '/index.cgi/' + COOKIE_PARAMS => { -name => 'FripostAdminPanel_SessAuth' + , -path => '/index.cgi/' + # Expires when the browser quits + , -expires => -1 + ,'-max-age' => -1 + # TODO: Turn the secure flag for HTTPS connections + , -secure => 0 + # We are not using JavaScript in this framework , -httponly => 1 -# # TODO: Turn the secure flag for HTTPS connections - , -secure => 0 }, - SEND_COOKIE => 1, + SEND_COOKIE => 1, ); # Configure authentication parameters $self->authen->config( DRIVER => [ 'Generic' - , \&authenticate ], + , sub { &authenticate(@_) } ], STORE => 'Session', - LOGOUT_RUNMODE => 'logout', LOGIN_RUNMODE => 'login', RENDER_LOGIN => \&login_box, LOGIN_SESSION_TIMEOUT => { IDLE_FOR => '30m' }, + LOGOUT_RUNMODE => 'logout', ); # The run modes that require authentication -- cgit v1.2.3
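Review bot: The new session store is created under a fixed name in a world-writable directory (`FileName => '/tmp/fpanel-cgisessions.db'`), so any local account could create that file, or a symlink at that path, before the application does, and the authentication state would then live in a file the application does not control. `UMask => 0600` presumably only applies when the driver creates the database itself, so it does not cover a file that already exists. I would keep the database in a directory owned by the web application's user and not writable by anyone else, read from the configuration the app already loads, e.g. `, { FileName => '<APP_STATE_DIR>/cgisessions.db', UMask => 0600 }` (placeholder path). Separately, `-secure => 0` is still marked TODO, so the `FripostAdminPanel_SessAuth` cookie will be sent over plain HTTP until that is resolved. `cgiapp_init` starts in the hunk header and continues past the last line shown.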