[Jifty-commit] r4842 - jifty/trunk/lib/Jifty/Web/Session
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Mon Jan 14 01:10:15 EST 2008
Author: audreyt
Date: Mon Jan 14 01:10:13 2008
New Revision: 4842
Modified:
jifty/trunk/lib/Jifty/Web/Session/ClientSide.pm
Log:
* Jifty::Web::Session::ClientSide - Unbreak this module by conforming
to the latest ::Session API (with _cookie_name) as well as Base-64
encoding the cookie itself.
Modified: jifty/trunk/lib/Jifty/Web/Session/ClientSide.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Web/Session/ClientSide.pm (original)
+++ jifty/trunk/lib/Jifty/Web/Session/ClientSide.pm Mon Jan 14 01:10:13 2008
@@ -24,6 +24,7 @@
use Crypt::CBC ();
use Crypt::Rijndael ();
use CGI::Cookie::Splitter ();
+use MIME::Base64;
my $session_key;
my $splitter = CGI::Cookie::Splitter->new;
@@ -36,13 +37,14 @@
sub new {
my $class = shift;
+ my $cookie_name = Jifty->config->framework('Web')->{'SessionCookieName'};
my $session_key = Jifty->config->framework('Web')->{'SessionSecret'}
or die "Please set SessionSecret in your framework/Web settings";
my $cipher = Crypt::CBC->new(
-key => $session_key,
-cipher => 'Rijndael',
);
- bless { _cipher => $cipher, _session => undef }, $class;
+ bless { _cookie_name => $cookie_name, _cipher => $cipher, _session => undef }, $class;
}
=head2 _cipher
@@ -85,11 +87,11 @@
unless ($session_id) {
my $cookie_name = $self->cookie_name;
- $session_id = $cookies{$cookie_name}
- ? $cookies{$cookie_name}->value()
- : Jifty::Model::Session->new_session_id,
+ $session_id = $cookies{$cookie_name}->value() if $cookies{$cookie_name};
+ $session_id ||= Jifty::Model::Session->new_session_id;
}
+
my $data;
{
@@ -110,17 +112,19 @@
if ($data) {
local $@;
eval {
- $self->_session(
- Jifty::YAML::Load(
- Compress::Zlib::uncompress(
- $self->_cipher->decrypt(
+ if (my $session = Jifty::YAML::Load(
+ Compress::Zlib::uncompress(
+ $self->_cipher->decrypt(
+ decode_base64(
$data->value
)
)
)
- );
- die "Session id mismatch"
- unless $self->_session->{session_id} eq $session_id;
+ )) {
+ $self->_session($session);
+ die "Session id mismatch"
+ unless $self->_session->{session_id} eq $session_id;
+ }
1;
} and return;
warn $@ if $@;
@@ -220,10 +224,12 @@
my $data_cookie = CGI::Cookie->new(
-name => "JIFTY_DAT_$session_id",
-expires => $self->expires,
- -value => $self->_cipher->encrypt(
- Compress::Zlib::compress(
- Jifty::YAML::Dump(
- $self->_session
+ -value => encode_base64(
+ $self->_cipher->encrypt(
+ Compress::Zlib::compress(
+ Jifty::YAML::Dump(
+ $self->_session
+ )
)
)
)
More information about the Jifty-commit
mailing list