Add session verification helper (#19)

This commit is contained in:
ngoomie 2024-08-22 21:44:18 -06:00
parent dca1e2bca5
commit cf91c02ba0
2 changed files with 64 additions and 0 deletions

View File

@ -102,6 +102,42 @@ sub startup {
# now nuke the actual session cookie # now nuke the actual session cookie
$self->session(expires => 1); $self->session(expires => 1);
}); });
## verify session
$self->helper(session_verify => sub {
my $self = shift;
# get info from user's session cookie and store it in vars
my $_user_id = $self->session('user_id');
my $_session_key = $self->session('session_key');
my $_validity = 1;
my $_catch_error;
try {
# check to see if session with this id is present in db
($self->schema->resultset('Session')->search
({ 'session_key' => $_session_key })
->get_column('session_key')->first)
or die;
# check to see if the current session key's user id matches
# that of the user id in the database
$_user_id == ($self->schema->resultset('Session')->
session_uid($_session_key))
or die;
# check if session is still within valid time as recorded in
# the db
time < ($self->schema->resultset('Session')->
session_expiry($_session_key))
or die;
} catch ($_catch_error) {
$_validity = undef;
$self->session_destroy;
}
return $_validity;
});
# router # router
my $r = $self->routes; my $r = $self->routes;

View File

@ -0,0 +1,28 @@
package CharmBoard::Model::Schema::Set::Session;
use utf8;
use strict;
use warnings;
use experimental qw(try);
use feature ':5.20';
use base 'DBIx::Class::ResultSet';
sub session_uid {
my $set = shift;
return (
$set->search({ 'session_key' => $_[0] })->get_column('user_id')
->first)
}
sub session_expiry {
my $set = shift;
return (
$set->search({ 'session_key' => $_[0] })->get_column('session_expiry')
->first)
}
1;
__END__