Compare commits


2 Commits

Author SHA1 Message Date
ngoomie 07977292fe Prettify `login_do` action and remove one session per user limit
`login_do` now uses a try/catch control structure instead of the
horrifying nested if/else control structure it used before. I'd think a
failed login attempt counts as an exception, so it should be fair to use
it here?

I have also removed the one session per user limit for now. I'm going to
replace it with a manual session manager in user settings later
hopefully, and some sort of periodically run script that deletes any
expired sessions from the DB, plus maybe other places where they get
deleted.

any `use experimental 'name'` instances have been removed too since
Mojolicious complains about your use of experimental features no matter
what anyways!
2023-05-07 22:16:22 -06:00
ngoomie c4f02ec4b6 `thread_id` in `posts` table should not autoincrement 2023-05-07 19:15:24 -06:00
7 changed files with 85 additions and 39 deletions

6
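--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,6 @@
+{
+"recommendations": [
+"kraih.mojolicious",
+"aaron-bond.better-comments"
+]
+}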

49
.vscode/settings.json vendored

@ -16,5 +16,54 @@
"subf",
"subforum",
"subforums"
],
"better-comments.highlightPlainText": true,
"better-comments.tags": [
{
"tag": "!",
"color": "#FF2D00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "?",
"color": "#3498DB",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "//",
"color": "#474747",
"strikethrough": true,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "todo",
"color": "#FF8C00",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
},
{
"tag": "*",
"color": "#98C379",
"strikethrough": false,
"underline": false,
"backgroundColor": "transparent",
"bold": false,
"italic": false
}
]
}


@ -1,5 +1,5 @@
--
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 00:02:05 2023
-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 22:15:23 2023
--
-- Text encoding used: UTF-8
--
@ -48,7 +48,6 @@ DROP TABLE IF EXISTS sessions;
CREATE TABLE IF NOT EXISTS sessions (
user_id INTEGER PRIMARY KEY
REFERENCES users (user_id)
UNIQUE
NOT NULL,
session_key TEXT NOT NULL
UNIQUE,
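Review bot: `user_id INTEGER PRIMARY KEY` on `sessions` still allows only one row per user, so dropping a `UNIQUE` in this hunk (presumably the one under `user_id`; the page has lost the +/- markers) does not lift the one-session limit at the database level. With the delete-old-session step gone from `login_do`, a second login for the same user would likely fail on insert with a constraint error. If several sessions per user are intended, key the table on the session instead, for example `session_key TEXT PRIMARY KEY NOT NULL` with `user_id INTEGER NOT NULL REFERENCES users (user_id)`. The `CREATE TABLE` statement continues past the end of this hunk.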


@ -1,5 +1,4 @@
package CharmBoard;
use experimental 'smartmatch';
use Mojo::Base 'Mojolicious', -signatures;
use CharmBoard::Schema;


@ -76,48 +76,42 @@ sub login_do ($app) {
my $username = $app->param('username');
my $password = $app->pepper . ':' . $app->param('password');
my $userInfoCheck = $app->schema->resultset('Users')->search({username => $username});
try {
# check to see if user by entered username exists
my $userInfo = $app->schema->resultset('Users')->search({username => $username});
$userInfo or die;
if ($userInfoCheck) {
my $passCheckStatus = passchk($userInfoCheck->get_column('salt')->first,
$userInfoCheck->get_column('password')->first, $password);
# now check password validity
my $passCheck = passchk($userInfo->get_column('salt')->first,
$userInfo->get_column('password')->first, $password);
$passCheck or die;
if ($passCheckStatus) {
my $userID = $userInfoCheck->get_column('user_id')->first;
# get user ID for session creation
my $userID = $userInfo->get_column('user_id')->first;
# delete old session from DB if exists
if ($app->schema->resultset('Session')->search({user_id => $userID})) {
$app->schema->resultset('Session')->search({user_id => $userID})->delete; };
# gen session key and set expiry time
my $sessionKey = seasoning(16);
my $sessionExpiry = time + 604800;
# gen session key and set expiry time
my $sessionKey = seasoning(16);
my $sessionExpiry = time + 604800;
# add session to database
$app->schema->resultset('Session')->create({
# add session to database
$app->schema->resultset('Session')->create({
user_id => $userID,
session_key => $sessionKey,
session_expiry => $sessionExpiry,
is_ip_bound => 0,
bound_ip => undef });
# now create session cookie for user
$app->session(is_auth => 1);
$app->session(user_id => $userID);
$app->session(session_key => $sessionKey);
$app->session(expires => $sessionExpiry);
# now create session cookie for user
$app->session(is_auth => 1);
$app->session(user_id => $userID);
$app->session(session_key => $sessionKey);
$app->session(expires => $sessionExpiry);
# redirect to index
$app->redirect_to('/')}
else {
$app->flash(error => 'Password incorrect');
$app->redirect_to('login')}}
else {
$app->flash(error => 'User ' . $username . ' does not exist.');
$app->redirect_to('login')};
}
# redirect to index upon success
$app->redirect_to('/')}
catch ($error) { # redir to login page on fail
print $error;
$app->flash(error => 'Username or password incorrect.');
$app->redirect_to('login')}};
1;
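Review bot: `$userInfo or die;` will not reject an unknown username if `resultset('Users')->search(...)` returns a DBIx::Class resultset, because a resultset is always true in boolean context; the unknown-user case then reaches `passchk` with an undefined salt and hash and relies on whatever that helper does with them. Test for a row explicitly, for example `$userInfo->count or die "unknown user\n";`. The `catch` block also turns every exception, including a failed `Session` insert, into 'Username or password incorrect.' and writes it with `print $error;`; logging it through the application logger (e.g. `$app->app->log->error($error)`, assuming `$app` is the controller) and showing the credential message only for credential failures would keep database faults visible. Keeping one message for both unknown user and wrong password is worth preserving, since the response no longer confirms which usernames exist. `login_do` starts above this hunk.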


@ -13,7 +13,7 @@ __PACKAGE__->add_columns(
is_nullable => 0, },
thread_id => {
data_type => 'integer',
is_auto_increment => 1,
is_auto_increment => 0,
is_nullable => 0, },
post_date => {
data_type => 'integer',


@ -3,7 +3,6 @@
use strict;
use warnings;
use utf8;
use experimental 'smartmatch';
use Mojo::File qw(curfile);
use lib curfile->dirname->sibling('lib')->to_string;