Session verification-related changes

This commit is contained in:
ngoomie 2024-08-23 22:41:52 -06:00
parent cf91c02ba0
commit 6cf65a8edd
3 changed files with 35 additions and 26 deletions

View File

@ -106,34 +106,39 @@ sub startup {
$self->helper(session_verify => sub {
my $self = shift;
# get info from user's session cookie and store it in vars
my $_user_id = $self->session('user_id');
my $_session_key = $self->session('session_key');
my $_validity = 1;
my $_catch_error;
try {
# check to see if session with this id is present in db
($self->schema->resultset('Session')->search
({ 'session_key' => $_session_key })
->get_column('session_key')->first)
# get info from user's session cookie and store it in vars
my $_user_id = $self->session('user_id');
my $_session_key = $self->session('session_key');
my $_is_auth = $self->session('is_auth');
if ($_is_auth) {
try {
# check to see if session with this id is present in db
($self->schema->resultset('Session')->search
({ 'session_key' => $_session_key })
->get_column('session_key')->first)
or die;
# check to see if the current session key's user id matches
# that of the user id in the database
$_user_id == ($self->schema->resultset('Session')->
session_uid($_session_key))
or die;
# check to see if the current session key's user id matches
# that of the user id in the database
$_user_id == ($self->schema->resultset('Session')->
session_uid($_session_key))
or die;
# check if session is still within valid time as recorded in
# the db
time < ($self->schema->resultset('Session')->
session_expiry($_session_key))
or die;
} catch ($_catch_error) {
$_validity = undef;
$self->session_destroy;
# check if session is still within valid time as recorded in
# the db
time < ($self->schema->resultset('Session')->
session_expiry($_session_key))
or die;
} catch ($_catch_error) {
$_validity = undef;
$self->session_destroy;
}
} else {
$_validity = 0;
}
return $_validity;

View File

@ -12,6 +12,10 @@ use Tree::Simple;
sub index {
my $self = shift;
if ($self->session_verify eq undef) {
$self->redirect_to('/')
}
$self->render(
template => 'index',
category_tree => $self->model('forums')->list_full

View File

@ -2,8 +2,8 @@
my $userControls;
# TODO: once implemented, put username + profile link first
if ($self->session('is_auth') == 1) {
my $username =
if ($self->session('is_auth')) {
my $username = '';
$userControls = "<a href=\"/logout\">logout</a>"}
else {
$userControls =