]>
Commit | Line | Data |
---|---|---|
589b789c TC |
1 | package BSE::Session; |
2 | use strict; | |
589b789c TC |
3 | use CGI::Cookie; |
4 | use BSE::DB; | |
bd29e194 | 5 | use BSE::CfgInfo qw/custom_class/; |
589b789c | 6 | |
41292119 | 7 | our $VERSION = "1.003"; |
cb7fd78d | 8 | |
bd29e194 TC |
9 | sub _session_require { |
10 | my ($cfg) = @_; | |
11 | ||
12 | my $class = _session_class($cfg); | |
13 | $class =~ s!::!/!g; | |
14 | ||
15 | return "$class.pm"; | |
16 | } | |
17 | ||
18 | sub _session_class { | |
19 | my ($cfg) = @_; | |
20 | ||
5bbf7309 | 21 | return $cfg->entry('basic', 'session_class', "Apache::Session::MySQL"); |
bd29e194 TC |
22 | } |
23 | ||
24 | sub _send_session_cookie { | |
25 | my ($self, $session, $cfg) = @_; | |
26 | ||
27 | my $debug = $cfg->entry('debug', 'cookies'); | |
28 | ||
29 | my $cookie_name = $cfg->entry('basic', 'cookie_name', 'sessionid'); | |
dbe8a12a TC |
30 | my %extras; |
31 | if ($cfg->entry("basic", "http_only_session", 1)) { | |
32 | $extras{httponly} = 1; | |
33 | } | |
34 | if ($cfg->entry("basic", "secure_session")) { | |
35 | $extras{secure} = 1; | |
36 | } | |
37 | my $cookie = $self->make_cookie($cfg, $cookie_name => $session->{_session_id}, \%extras); | |
bd29e194 TC |
38 | BSE::Session->send_cookie($cookie); |
39 | ||
40 | print STDERR "Sent cookie: $cookie\n" if $debug; | |
41 | ||
42 | my $custom = custom_class($cfg); | |
43 | if ($custom->can('send_session_cookie')) { | |
44 | $custom->send_session_cookie($cookie_name, $session, $session->{_session_id}, $cfg); | |
45 | } | |
46 | } | |
589b789c | 47 | |
589b789c TC |
48 | sub tie_it { |
49 | my ($self, $session, $cfg) = @_; | |
3c8b9c2c | 50 | |
bd29e194 TC |
51 | my $require = _session_require($cfg); |
52 | require $require; | |
53 | ||
3c8b9c2c | 54 | my $cookie_name = $cfg->entry('basic', 'cookie_name', 'sessionid'); |
589b789c | 55 | my $lifetime = $cfg->entry('basic', 'cookie_lifetime') || '+3h'; |
2d873eb6 | 56 | my $debug = $cfg->entry('debug', 'cookies'); |
589b789c | 57 | my %cookies = fetch CGI::Cookie; |
2d873eb6 TC |
58 | if ($debug) { |
59 | require Data::Dumper; | |
60 | print STDERR "Received cookies: ", Data::Dumper::Dumper(\%cookies); | |
61 | } | |
589b789c | 62 | my $sessionid; |
3c8b9c2c | 63 | $sessionid = $cookies{$cookie_name}->value if exists $cookies{$cookie_name}; |
589b789c TC |
64 | |
65 | my $dh = BSE::DB->single; | |
66 | eval { | |
bd29e194 | 67 | tie %$session, _session_class($cfg), $sessionid, |
589b789c TC |
68 | { |
69 | Handle=>$dh->{dbh}, | |
70 | LockHandle=>$dh->{dbh} | |
71 | }; | |
72 | }; | |
505456b1 | 73 | print STDERR "Error getting session: $@\n" if $@ && $debug; |
589b789c TC |
74 | if ($@ && $@ =~ /Object does not exist/) { |
75 | # try again | |
76 | undef $sessionid; | |
bd29e194 | 77 | tie %$session, _session_class($cfg), $sessionid, |
589b789c TC |
78 | { |
79 | Handle=>$dh->{dbh}, | |
80 | LockHandle=>$dh->{dbh} | |
81 | }; | |
82 | } | |
83 | unless ($sessionid) { | |
bd29e194 TC |
84 | # save the new sessionid |
85 | $self->_send_session_cookie($session, $cfg); | |
589b789c | 86 | } |
4175638b TC |
87 | |
88 | if ($cfg->entry('debug', 'dump_session')) { | |
89 | require Data::Dumper; | |
90 | print STDERR Data::Dumper->Dump([ $session ], [ 'session' ]); | |
91 | } | |
589b789c TC |
92 | } |
93 | ||
6e3d2da5 TC |
94 | sub change_cookie { |
95 | my ($self, $session, $cfg, $sessionid, $newsession) = @_; | |
96 | ||
bd29e194 TC |
97 | #my $cookie_name = $cfg->entry('basic', 'cookie_name', 'sessionid'); |
98 | #BSE::Session->send_cookie($self->make_cookie($cfg, $cookie_name, $sessionid)); | |
6e3d2da5 TC |
99 | my $dh = BSE::DB->single; |
100 | eval { | |
bd29e194 | 101 | tie %$newsession, _session_class($cfg), $sessionid, |
6e3d2da5 TC |
102 | { |
103 | Handle=>$dh->{dbh}, | |
104 | LockHandle=>$dh->{dbh} | |
105 | }; | |
106 | }; | |
bd29e194 TC |
107 | |
108 | $self->_send_session_cookie($newsession, $cfg); | |
6e3d2da5 TC |
109 | } |
110 | ||
6a8a205a | 111 | sub make_cookie { |
dbe8a12a | 112 | my ($self, $cfg, $name, $value, $extras) = @_; |
6a8a205a | 113 | |
dbe8a12a | 114 | $extras ||= {}; |
41292119 TC |
115 | $extras->{expires} ||= $cfg->entry('basic', 'cookie_lifetime', '+3h'); |
116 | $extras->{expires} =~ /\S/ or delete $extras->{expires}; | |
87958c2f | 117 | $name = $cfg->entry('cookie names', $name, $name); |
6a8a205a TC |
118 | my %opts = |
119 | ( | |
120 | -name => $name, | |
121 | -value => $value, | |
dbe8a12a TC |
122 | -path => '/', |
123 | map {; "-$_" => $extras->{$_} } keys %$extras, | |
6a8a205a | 124 | ); |
53f53326 TC |
125 | my $domain = $ENV{HTTP_HOST}; |
126 | $domain =~ s/:\d+$//; | |
127 | $domain = $cfg->entry('basic', 'cookie_domain', $domain); | |
6a8a205a TC |
128 | if ($domain !~ /^\d+\.\d+\.\d+\.\d+$/) { |
129 | $opts{"-domain"} = $domain; | |
130 | } | |
dbe8a12a | 131 | |
6a8a205a TC |
132 | return CGI::Cookie->new(%opts); |
133 | } | |
134 | ||
8f84f3f1 TC |
135 | sub send_cookie { |
136 | my ($class, $cookie) = @_; | |
137 | ||
138 | if (exists $ENV{GATEWAY_INTERFACE} | |
139 | && $ENV{GATEWAY_INTERFACE} =~ /^CGI-Perl\//) { | |
140 | my $r = Apache->request or die; | |
141 | $r->header_out('Set-Cookie' => "$cookie"); | |
142 | } | |
143 | else { | |
144 | print "Set-Cookie: $cookie\n"; | |
145 | } | |
146 | } | |
147 | ||
0966259f TC |
148 | sub clear { |
149 | my ($class, $session) = @_; | |
150 | ||
151 | my $tie = tied(%$session); | |
152 | if ($tie) { | |
153 | $tie->delete(); | |
154 | } | |
155 | } | |
156 | ||
589b789c | 157 | 1; |
daee3409 TC |
158 | |
159 | =head1 NAME | |
160 | ||
161 | BSE::Session - wrapper around Apache::Session for BSE. | |
162 | ||
163 | =head1 SYNOPSIS | |
164 | ||
165 | use BSE::Session; | |
166 | use BSE::Cfg | |
167 | my %session; | |
168 | my $cfg = BSE::Cfg->new; | |
169 | BSE::Session->tie_it(\%session, $cfg); | |
170 | ||
0966259f TC |
171 | BSE::Session->clear($session); |
172 | ||
daee3409 TC |
173 | =head1 DESCRIPTION |
174 | ||
175 | Provides a thinnish wrapper around Apache::Session, providing the interface | |
176 | to BSE's database abstraction, configuration, retries and cookie setup. | |
177 | ||
178 | =head1 KEYS | |
179 | ||
180 | =over | |
181 | ||
182 | =item * | |
183 | ||
184 | cart - the customer's shopping cart, should only be set on the secure side | |
185 | ||
186 | =item * | |
187 | ||
188 | custom - custom values set by shopping cart processing, should only be | |
189 | set on the secure side | |
190 | ||
191 | =item * | |
192 | ||
0ec4ac8a TC |
193 | userid - id of the logged on normal user. |
194 | ||
195 | =item * | |
196 | ||
197 | adminuserid - id of the logged on admin user. | |
198 | ||
199 | =item * | |
200 | ||
201 | affiliate_code - id of the affiliate set by affiliate.pl | |
daee3409 TC |
202 | |
203 | =back | |
204 | ||
205 | =head1 AUTHOR | |
206 | ||
207 | Tony Cook <tony@develop-help.com> | |
208 | ||
209 | =cut |