nu
/
CharmBoard
1
0
Fork 0
Code Issues 8 Pull Requests Projects 1 Releases Activity

Prettify `login_do` action and remove one session per user limit 

`login_do` now uses a try/catch control structure instead of the
horrifying nested if/else control structure it used before. I'd think a
failed login attempt counts as an exception, so it should be fair to use
it here?

I have also removed the one session per user limit for now. I'm going to
replace it with a manual session manager in user settings later
hopefully, and some sort of periodically run script that deletes any
expired sessions from the DB, plus maybe other places where they get
deleted.

any `use experimental 'name'` instances have been removed too since
Mojolicious complains about your use of experimental features no matter
what anyways!
This commit is contained in:
ngoomie 2023-05-07 22:16:22 -06:00
parent c4f02ec4b6
commit 07977292fe
6 changed files with 84 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.vscode/extensions.json vendored Normal file
View File

@ -0,0 +1,6 @@
{
"recommendations": [
"kraih.mojolicious",
"aaron-bond.better-comments"
]
}

49
.vscode/settings.json vendored
View File

@ -16,5 +16,54 @@
"subf", "subf",
"subforum", "subforum",
"subforums" "subforums"
],
"better-comments.highlightPlainText": true,
"better-comments.tags": [
{
"tag": "!",
"color": "#FF2D00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "?",
"color": "#3498DB",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "//",
"color": "#474747",
"strikethrough": true,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "todo",
"color": "#FF8C00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "*",
"color": "#98C379",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
}
] ]
} }

3
database.sql
View File

@ -1,5 +1,5 @@
-- --
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 00:02:05 2023 -- File generated with SQLiteStudio v3.4.4 on Sun. May 7 22:15:23 2023
-- --
-- Text encoding used: UTF-8 -- Text encoding used: UTF-8
-- --
@ -48,7 +48,6 @@ DROP TABLE IF EXISTS sessions;
CREATE TABLE IF NOT EXISTS sessions ( CREATE TABLE IF NOT EXISTS sessions (
user_id INTEGER PRIMARY KEY user_id INTEGER PRIMARY KEY
REFERENCES users (user_id) REFERENCES users (user_id)
UNIQUE
NOT NULL, NOT NULL,
session_key TEXT NOT NULL session_key TEXT NOT NULL
UNIQUE, UNIQUE,

1
lib/CharmBoard.pm
View File

@ -1,5 +1,4 @@
package CharmBoard; package CharmBoard;
use experimental 'smartmatch';
use Mojo::Base 'Mojolicious', -signatures; use Mojo::Base 'Mojolicious', -signatures;
use CharmBoard::Schema; use CharmBoard::Schema;

36
lib/CharmBoard/Controller/Auth.pm
View File

@ -76,18 +76,18 @@ sub login_do ($app) {
my $username = $app->param('username'); my $username = $app->param('username');
my $password = $app->pepper . ':' . $app->param('password'); my $password = $app->pepper . ':' . $app->param('password');
my $userInfoCheck = $app->schema->resultset('Users')->search({username => $username}); try {
# check to see if user by entered username exists
my $userInfo = $app->schema->resultset('Users')->search({username => $username});
$userInfo or die;
if ($userInfoCheck) { # now check password validity
my $passCheckStatus = passchk($userInfoCheck->get_column('salt')->first, my $passCheck = passchk($userInfo->get_column('salt')->first,
$userInfoCheck->get_column('password')->first, $password); $userInfo->get_column('password')->first, $password);
$passCheck or die;
if ($passCheckStatus) { # get user ID for session creation
my $userID = $userInfoCheck->get_column('user_id')->first; my $userID = $userInfo->get_column('user_id')->first;
# delete old session from DB if exists
if ($app->schema->resultset('Session')->search({user_id => $userID})) {
$app->schema->resultset('Session')->search({user_id => $userID})->delete; };
# gen session key and set expiry time # gen session key and set expiry time
my $sessionKey = seasoning(16); my $sessionKey = seasoning(16);
@ -107,17 +107,11 @@ sub login_do ($app) {
$app->session(session_key => $sessionKey); $app->session(session_key => $sessionKey);
$app->session(expires => $sessionExpiry); $app->session(expires => $sessionExpiry);
# redirect to index # redirect to index upon success
$app->redirect_to('/')} $app->redirect_to('/')}
catch ($error) { # redir to login page on fail
else { print $error;
$app->flash(error => 'Password incorrect'); $app->flash(error => 'Username or password incorrect.');
$app->redirect_to('login')}} $app->redirect_to('login')}};
else {
$app->flash(error => 'User ' . $username . ' does not exist.');
$app->redirect_to('login')};
}
1; 1;

1
script/CharmBoard
View File

@ -3,7 +3,6 @@
use strict; use strict;
use warnings; use warnings;
use utf8; use utf8;
use experimental 'smartmatch';
use Mojo::File qw(curfile); use Mojo::File qw(curfile);
use lib curfile->dirname->sibling('lib')->to_string; use lib curfile->dirname->sibling('lib')->to_string;