Prettify `login_do` action and remove one session per user limit

`login_do` now uses a try/catch control structure instead of the
horrifying nested if/else control structure it used before. I'd think a
failed login attempt counts as an exception, so it should be fair to use
it here?

I have also removed the one session per user limit for now. I'm going to
replace it with a manual session manager in user settings later
hopefully, and some sort of periodically run script that deletes any
expired sessions from the DB, plus maybe other places where they get
deleted.

Any `use experimental 'name'` instances have been removed too since
Mojolicious complains about your use of experimental features no matter
what anyways!
ngoomie 2023-05-07 22:16:22 -06:00
parent c4f02ec4b6
commit 07977292fe
6 changed files with 84 additions and 38 deletions

6
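--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,6 @@
+{
+"recommendations": [
+"kraih.mojolicious",
+"aaron-bond.better-comments"
+]
+}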

49
.vscode/settings.json vendored

@ -16,5 +16,54 @@
"subf",
"subforum",
"subforums"
],
"better-comments.highlightPlainText": true,
"better-comments.tags": [
{
"tag": "!",
"color": "#FF2D00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "?",
"color": "#3498DB",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "//",
"color": "#474747",
"strikethrough": true,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "todo",
"color": "#FF8C00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "*",
"color": "#98C379",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
}
]
}


@ -1,5 +1,5 @@
--
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 00:02:05 2023
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 22:15:23 2023
--
-- Text encoding used: UTF-8
--
@ -48,7 +48,6 @@ DROP TABLE IF EXISTS sessions;
CREATE TABLE IF NOT EXISTS sessions (
user_id INTEGER PRIMARY KEY
REFERENCES users (user_id)
UNIQUE
NOT NULL,
session_key TEXT NOT NULL
UNIQUE,
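Review bot: Dropping `UNIQUE` from `sessions.user_id` does not lift the one-session-per-user limit, because the column is still declared `INTEGER PRIMARY KEY`, which enforces uniqueness on its own (the hunk header removes one line and I am assuming it is the first `UNIQUE`, since the markers are lost on this page). Now that `login_do` no longer deletes the old row, a second login for the same user would presumably fail on insert and be reported by the new catch block as a wrong password. Key the table on the session instead, e.g. `session_key TEXT PRIMARY KEY` with `user_id INTEGER NOT NULL REFERENCES users (user_id)`. The `CREATE TABLE` statement continues past the end of the hunk.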


@ -1,5 +1,4 @@
package CharmBoard;
use experimental 'smartmatch';
use Mojo::Base 'Mojolicious', -signatures;
use CharmBoard::Schema;


@ -76,18 +76,18 @@ sub login_do ($app) {
my $username = $app->param('username');
my $password = $app->pepper . ':' . $app->param('password');
my $userInfoCheck = $app->schema->resultset('Users')->search({username => $username});
try {
# check to see if user by entered username exists
my $userInfo = $app->schema->resultset('Users')->search({username => $username});
$userInfo or die;
if ($userInfoCheck) {
my $passCheckStatus = passchk($userInfoCheck->get_column('salt')->first,
$userInfoCheck->get_column('password')->first, $password);
# now check password validity
my $passCheck = passchk($userInfo->get_column('salt')->first,
$userInfo->get_column('password')->first, $password);
$passCheck or die;
if ($passCheckStatus) {
my $userID = $userInfoCheck->get_column('user_id')->first;
# delete old session from DB if exists
if ($app->schema->resultset('Session')->search({user_id => $userID})) {
$app->schema->resultset('Session')->search({user_id => $userID})->delete; };
# get user ID for session creation
my $userID = $userInfo->get_column('user_id')->first;
# gen session key and set expiry time
my $sessionKey = seasoning(16);
@ -107,17 +107,11 @@ sub login_do ($app) {
$app->session(session_key => $sessionKey);
$app->session(expires => $sessionExpiry);
# redirect to index
# redirect to index upon success
$app->redirect_to('/')}
else {
$app->flash(error => 'Password incorrect');
$app->redirect_to('login')}}
else {
$app->flash(error => 'User ' . $username . ' does not exist.');
$app->redirect_to('login')};
}
catch ($error) { # redir to login page on fail
print $error;
$app->flash(error => 'Username or password incorrect.');
$app->redirect_to('login')}};
1;
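Review bot: The new `catch ($error)` treats every exception as a failed login and only writes it to STDOUT with `print $error;`, so a database or session-insert failure is shown to the user as 'Username or password incorrect.' and never reaches the application log. Assuming `$app` is the controller here, `$app->app->log->error($error);` would record it, and the two bare `die`s could carry a marker such as `die "auth\n";` so the handler can tell bad credentials from server faults. Separately, `$userInfo or die;` tests the object returned by `search`, which in scalar context is a resultset and, if the schema is DBIx::Class, is always true, so an unknown username still reaches `passchk` with an undefined salt and hash; `$userInfo->count or die;` would check what the comment above it says. The body of `login_do` starts before the first hunk and part of it lies between the two hunks.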


@ -3,7 +3,6 @@
use strict;
use warnings;
use utf8;
use experimental 'smartmatch';
use Mojo::File qw(curfile);
use lib curfile->dirname->sibling('lib')->to_string;