From c721370bc2c7ee369b292ba768cb20a9864a805c Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 2 Sep 2018 05:48:19 +0200 Subject: Fripost::Session: OO interface. --- run.psgi | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'run.psgi') diff --git a/run.psgi b/run.psgi index 4ad719e..8389118 100644 --- a/run.psgi +++ b/run.psgi @@ -191,7 +191,7 @@ $builder->mount("/login" => sub($) { # $creds contains its own authentication ID; we're can't use # the session ID because the new one isn't available until # after the function exits - $req->session->{credentials} = Fripost::Session::->create($fp); + $req->session->{credentials} = Fripost::Session::->new($fp); # login was successful; get a new session ID now, to protect # against session fixation attacks @@ -239,9 +239,7 @@ $builder->mount("/logout" => sub($) { if (defined (eval { csrf_token_validate($req) })) { # silently try to destroy the session on the LDAP backend - Fripost::Session::destroy($req->session->{credentials}, - %CONFIG, onerror => sub($@) {} - ); + $req->session->{credentials}->destroy(%CONFIG, onerror => sub($@) {}); # force the session to expire in our local cache delete $req->session->{credentials}; @@ -273,10 +271,8 @@ $builder->mount($WELCOME_PAGE => sub($) { my %tmpl_params; my $r = eval { - # auth using the session credentials (refresh the entry) - Fripost::Session::authenticate($req->session->{credentials}, - %CONFIG, onerror => \&throw - ); + # authenticate the session credentials (and refresh the entry) + $req->session->{credentials}->authenticate(%CONFIG, onerror => \&throw); }; if (defined $r) { $tmpl_params{AUTHZID} = $req->session->{credentials}->{authzid}; -- cgit v1.2.3