Prettify `login_do` action and remove one session per user limit
`login_do` now uses a try/catch control structure instead of the horrifying nested if/else control structure it used before. I'd think a failed login attempt counts as an exception, so it should be fair to use it here? I have also removed the one-session-per-user limit for now. I'm hopefully going to replace it later with a manual session manager in user settings and some sort of periodically run script that deletes any expired sessions from the DB, plus maybe other places where they get deleted. Any `use experimental 'name'` instances have been removed too, since Mojolicious complains about your use of experimental features no matter what anyways!
parent
c4f02ec4b6
commit
07977292fe
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"recommendations": [
|
||||
"kraih.mojolicious",
|
||||
"aaron-bond.better-comments"
|
||||
]
|
||||
}
|
|
@ -16,5 +16,54 @@
|
|||
"subf",
|
||||
"subforum",
|
||||
"subforums"
|
||||
],
|
||||
"better-comments.highlightPlainText": true,
|
||||
"better-comments.tags": [
|
||||
|
||||
{
|
||||
"tag": "!",
|
||||
"color": "#FF2D00",
|
||||
"strikethrough": false,
|
||||
"underline": false,
|
||||
"backgroundColor": "transparent",
|
||||
"bold": false,
|
||||
"italic": false
|
||||
},
|
||||
{
|
||||
"tag": "?",
|
||||
"color": "#3498DB",
|
||||
"strikethrough": false,
|
||||
"underline": false,
|
||||
"backgroundColor": "transparent",
|
||||
"bold": false,
|
||||
"italic": false
|
||||
},
|
||||
{
|
||||
"tag": "//",
|
||||
"color": "#474747",
|
||||
"strikethrough": true,
|
||||
"underline": false,
|
||||
"backgroundColor": "transparent",
|
||||
"bold": false,
|
||||
"italic": false
|
||||
},
|
||||
{
|
||||
"tag": "todo",
|
||||
"color": "#FF8C00",
|
||||
"strikethrough": false,
|
||||
"underline": false,
|
||||
"backgroundColor": "transparent",
|
||||
"bold": false,
|
||||
"italic": false
|
||||
},
|
||||
{
|
||||
"tag": "*",
|
||||
"color": "#98C379",
|
||||
"strikethrough": false,
|
||||
"underline": false,
|
||||
"backgroundColor": "transparent",
|
||||
"bold": false,
|
||||
"italic": false
|
||||
}
|
||||
]
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
--
|
||||
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 00:02:05 2023
|
||||
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 22:15:23 2023
|
||||
--
|
||||
-- Text encoding used: UTF-8
|
||||
--
|
||||
|
@ -48,7 +48,6 @@ DROP TABLE IF EXISTS sessions;
|
|||
CREATE TABLE IF NOT EXISTS sessions (
|
||||
user_id INTEGER PRIMARY KEY
|
||||
REFERENCES users (user_id)
|
||||
UNIQUE
|
||||
NOT NULL,
|
||||
session_key TEXT NOT NULL
|
||||
UNIQUE,
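Review bot: `user_id` still appears to be declared `INTEGER PRIMARY KEY` in the `sessions` table, so dropping one line from this column definition (the rendered hunk goes from seven lines to six, presumably losing the `UNIQUE`) does not lift the one-session-per-user limit, because a primary key admits only one row per `user_id`. With the delete-old-session step also removed from `login_do`, a second login for the same user would likely fail when the session row is inserted (that code is outside the visible hunks) and surface as "Username or password incorrect." from the new catch block. Consider keying the table on the session instead, e.g. `session_key TEXT PRIMARY KEY NOT NULL`, and declaring `user_id INTEGER NOT NULL REFERENCES users (user_id)`. The table definition continues past the end of the hunk.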
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
package CharmBoard;
|
||||
use experimental 'smartmatch';
|
||||
use Mojo::Base 'Mojolicious', -signatures;
|
||||
use CharmBoard::Schema;
|
||||
|
||||
|
|
|
@ -76,18 +76,18 @@ sub login_do ($app) {
|
|||
my $username = $app->param('username');
|
||||
my $password = $app->pepper . ':' . $app->param('password');
|
||||
|
||||
my $userInfoCheck = $app->schema->resultset('Users')->search({username => $username});
|
||||
try {
|
||||
# check to see if user by entered username exists
|
||||
my $userInfo = $app->schema->resultset('Users')->search({username => $username});
|
||||
$userInfo or die;
|
||||
|
||||
if ($userInfoCheck) {
|
||||
my $passCheckStatus = passchk($userInfoCheck->get_column('salt')->first,
|
||||
$userInfoCheck->get_column('password')->first, $password);
|
||||
# now check password validity
|
||||
my $passCheck = passchk($userInfo->get_column('salt')->first,
|
||||
$userInfo->get_column('password')->first, $password);
|
||||
$passCheck or die;
|
||||
|
||||
if ($passCheckStatus) {
|
||||
my $userID = $userInfoCheck->get_column('user_id')->first;
|
||||
|
||||
# delete old session from DB if exists
|
||||
if ($app->schema->resultset('Session')->search({user_id => $userID})) {
|
||||
$app->schema->resultset('Session')->search({user_id => $userID})->delete; };
|
||||
# get user ID for session creation
|
||||
my $userID = $userInfo->get_column('user_id')->first;
|
||||
|
||||
# gen session key and set expiry time
|
||||
my $sessionKey = seasoning(16);
|
||||
|
@ -107,17 +107,11 @@ sub login_do ($app) {
|
|||
$app->session(session_key => $sessionKey);
|
||||
$app->session(expires => $sessionExpiry);
|
||||
|
||||
# redirect to index
|
||||
# redirect to index upon success
|
||||
$app->redirect_to('/')}
|
||||
|
||||
else {
|
||||
$app->flash(error => 'Password incorrect');
|
||||
$app->redirect_to('login')}}
|
||||
|
||||
else {
|
||||
$app->flash(error => 'User ' . $username . ' does not exist.');
|
||||
$app->redirect_to('login')};
|
||||
|
||||
}
|
||||
catch ($error) { # redir to login page on fail
|
||||
print $error;
|
||||
$app->flash(error => 'Username or password incorrect.');
|
||||
$app->redirect_to('login')}};
|
||||
|
||||
1;
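Review bot: `$userInfo or die;` can never fire: assuming `schema` is a DBIx::Class schema (the `resultset`/`get_column` calls suggest so), `search` in scalar context returns a ResultSet object, which is true even when it matches no rows. An unknown username therefore falls through to `passchk` with an undefined salt and hash, and whether the login is rejected depends entirely on how `passchk` treats those values (not visible here). Test the result instead, e.g. `$userInfo->count or die;`. Separately, the catch block sends the exception to STDOUT with `print $error;` and reports every failure, including database errors during session creation, as bad credentials; keep the generic flash message but record the cause in the application log, e.g. `$app->app->log->error($error);` if `$app` is a Mojolicious controller. `login_do` begins before the first hunk, and the session-creation lines between the two hunks are not shown.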
|
|
@ -3,7 +3,6 @@
|
|||
use strict;
|
||||
use warnings;
|
||||
use utf8;
|
||||
use experimental 'smartmatch';
|
||||
|
||||
use Mojo::File qw(curfile);
|
||||
use lib curfile->dirname->sibling('lib')->to_string;
|
||||
|
|