diff --git a/lib/CharmBoard.pm b/lib/CharmBoard.pm index 5f789a0..f8365a7 100644 --- a/lib/CharmBoard.pm +++ b/lib/CharmBoard.pm @@ -106,36 +106,41 @@ sub startup { $self->helper(session_verify => sub { my $self = shift; - # get info from user's session cookie and store it in vars - my $_user_id = $self->session('user_id'); - my $_session_key = $self->session('session_key'); - my $_validity = 1; my $_catch_error; - try { - # check to see if session with this id is present in db - ($self->schema->resultset('Session')->search - ({ 'session_key' => $_session_key }) - ->get_column('session_key')->first) - or die; + # get info from user's session cookie and store it in vars + my $_user_id = $self->session('user_id'); + my $_session_key = $self->session('session_key'); + my $_is_auth = $self->session('is_auth'); - # check to see if the current session key's user id matches - # that of the user id in the database - $_user_id == ($self->schema->resultset('Session')-> - session_uid($_session_key)) - or die; - - # check if session is still within valid time as recorded in - # the db - time < ($self->schema->resultset('Session')-> - session_expiry($_session_key)) + if ($_is_auth) { + try { + # check to see if session with this id is present in db + ($self->schema->resultset('Session')->search + ({ 'session_key' => $_session_key }) + ->get_column('session_key')->first) + or die; + + # check to see if the current session key's user id matches + # that of the user id in the database + $_user_id == ($self->schema->resultset('Session')-> + session_uid($_session_key)) or die; - } catch ($_catch_error) { - $_validity = undef; - $self->session_destroy; + + # check if session is still within valid time as recorded in + # the db + time < ($self->schema->resultset('Session')-> + session_expiry($_session_key)) + or die; + } catch ($_catch_error) { + $_validity = undef; + $self->session_destroy; + } + } else { + $_validity = 0; } - + return $_validity; }); diff --git a/lib/CharmBoard/Controller/Index.pm b/lib/CharmBoard/Controller/Index.pm index a36a47a..403ec8b 100644 --- a/lib/CharmBoard/Controller/Index.pm +++ b/lib/CharmBoard/Controller/Index.pm @@ -12,6 +12,10 @@ use Tree::Simple; sub index { my $self = shift; + if ($self->session_verify eq undef) { + $self->redirect_to('/') + } + $self->render( template => 'index', category_tree => $self->model('forums')->list_full diff --git a/templates/layouts/default/_header.html.ep b/templates/layouts/default/_header.html.ep index a9d37de..a59b778 100644 --- a/templates/layouts/default/_header.html.ep +++ b/templates/layouts/default/_header.html.ep @@ -2,8 +2,8 @@ my $userControls; # TODO: once implemented, put username + profile link first -if ($self->session('is_auth') == 1) { - my $username = +if ($self->session('is_auth')) { + my $username = ''; $userControls = "logout"} else { $userControls =