Add session verification helper (#19)

lib/CharmBoard.pm

@@ -102,6 +102,42 @@ sub startup {
     # now nuke the actual session cookie
     $self->session(expires => 1);
   });
+  ## verify session
+  $self->helper(session_verify => sub {
+    my $self = shift;
+
+    # get info from user's session cookie and store it in vars
+    my $_user_id = $self->session('user_id');
+    my $_session_key = $self->session('session_key');
+
+    my $_validity = 1;
+    my $_catch_error;
+
+    try {
+      # check to see if session with this id is present in db
+      ($self->schema->resultset('Session')->search
+        ({ 'session_key' => $_session_key })
+        ->get_column('session_key')->first)
+            or die;
+
+      # check to see if the current session key's user id matches
+      # that of the user id in the database
+      $_user_id == ($self->schema->resultset('Session')->
+        session_uid($_session_key))
+           or die;
+      
+      # check if session is still within valid time as recorded in
+      # the db
+      time < ($self->schema->resultset('Session')->
+        session_expiry($_session_key))
+            or die;
+    } catch ($_catch_error) {
+      $_validity = undef;
+      $self->session_destroy;
+    }
+    
+    return $_validity;
+  });
 
   # router
   my $r = $self->routes;

lib/CharmBoard/Model/Schema/Set/Session.pm

@@ -0,0 +1,28 @@
+package CharmBoard::Model::Schema::Set::Session;
+
+use utf8;
+use strict;
+use warnings;
+use experimental qw(try);
+use feature ':5.20';
+
+use base 'DBIx::Class::ResultSet';
+
+sub session_uid {
+  my $set = shift;
+
+  return (
+    $set->search({ 'session_key' => $_[0] })->get_column('user_id')
+      ->first)
+}
+
+sub session_expiry {
+  my $set = shift;
+
+  return (
+    $set->search({ 'session_key' => $_[0] })->get_column('session_expiry')
+      ->first)
+}
+
+1;
+__END__