comparison src/ur/openidUser.ur @ 49:9c83592de908

Merge
author Robin Green <greenrd@greenrd.org>
date Mon, 04 Jul 2011 17:29:13 +0100
parents 3f475c6fb168 72e942423f26
children a984dc1c8954
48:3f475c6fb168 49:9c83592de908
84 val currentUrl = 84 val currentUrl =
85 b <- currentUrlHasPost; 85 b <- currentUrlHasPost;
86 if b then 86 if b then
87 return M.afterLogout 87 return M.afterLogout
88 else 88 else
89 currentUrl 89 b <- currentUrlHasQueryString;
90 if b then
91 return M.afterLogout
92 else
93 currentUrl
90 94
91 val current = 95 val current =
92 login <- getCookie auth; 96 login <- getCookie auth;
93 case login of 97 case login of
94 Some (LoggedIn login) => 98 Some (LoggedIn login) =>
123 dml (DELETE FROM session 127 dml (DELETE FROM session
124 WHERE Id = {[login.Session]} 128 WHERE Id = {[login.Session]}
125 AND Key = {[login.Key]}) 129 AND Key = {[login.Key]})
126 | _ => return ()); 130 | _ => return ());
127 redirect M.afterLogout 131 redirect M.afterLogout
132
133 fun newSession identO =
134 ses <- nextval sessionIds;
135 now <- now;
136 key <- rand;
137 dml (INSERT INTO session (Id, Key, Identifier, Expires)
138 VALUES ({[ses]}, {[key]}, {[identO]}, {[addSeconds now M.sessionLifetime]}));
139 return {Session = ses, Key = key}
128 140
129 fun signupDetails after = 141 fun signupDetails after =
130 let 142 let
131 fun finishSignup uid data = 143 fun finishSignup uid data =
132 if not (validUser uid) then 144 if not (validUser uid) then
153 | Some (Some ident) => 165 | Some (Some ident) =>
154 cols <- M.choose user data; 166 cols <- M.choose user data;
155 case cols of 167 case cols of
156 Failure s => return (Some s) 168 Failure s => return (Some s)
157 | Success cols => 169 | Success cols =>
170 dml (DELETE FROM session
171 WHERE Id = {[ses.Session]});
172 ses <- newSession (Some ident);
158 setCookie auth {Value = LoggedIn ({User = uid} ++ ses), 173 setCookie auth {Value = LoggedIn ({User = uid} ++ ses),
159 Expires = None, 174 Expires = None,
160 Secure = M.secureCookies}; 175 Secure = M.secureCookies};
161 176
162 dml (insert user ({Id = (SQL {[uid]})} ++ @Sql.sqexps M.folder M.inj cols)); 177 dml (insert user ({Id = (SQL {[uid]})} ++ @Sql.sqexps M.folder M.inj cols));
202 WHERE session.Id = {[signup.Session]} 217 WHERE session.Id = {[signup.Session]}
203 AND session.Key = {[signup.Key]}); 218 AND session.Key = {[signup.Key]});
204 if invalid then 219 if invalid then
205 error <xml>Invalid or expired session</xml> 220 error <xml>Invalid or expired session</xml>
206 else 221 else
207 dml (UPDATE session 222 dml (DELETE FROM session
208 SET Identifier = {[Some ident]}
209 WHERE Id = {[signup.Session]}); 223 WHERE Id = {[signup.Session]});
224 ses <- newSession (Some ident);
225 setCookie auth {Value = SigningUp ses,
226 Expires = None,
227 Secure = M.secureCookies};
210 signupDetails after 228 signupDetails after
211 | Some (LoggedIn login) => 229 | Some (LoggedIn login) =>
212 if login.Session <> ses then 230 if login.Session <> ses then
213 error <xml>Session has changed suspiciously</xml> 231 error <xml>Session has changed suspiciously</xml>
214 else 232 else
217 WHERE session.Id = {[login.Session]} 235 WHERE session.Id = {[login.Session]}
218 AND session.Key = {[login.Key]}); 236 AND session.Key = {[login.Key]});
219 if invalid then 237 if invalid then
220 error <xml>Invalid or expired session</xml> 238 error <xml>Invalid or expired session</xml>
221 else 239 else
222 dml (UPDATE session 240 dml (DELETE FROM session
223 SET Identifier = {[Some ident]}
224 WHERE Id = {[login.Session]}); 241 WHERE Id = {[login.Session]});
242 ses <- newSession (Some ident);
243 setCookie auth {Value = LoggedIn ({User = login.User} ++ ses),
244 Expires = None,
245 Secure = M.secureCookies};
225 redirect (bless after) 246 redirect (bless after)
226 | None => error <xml>Missing session cookie</xml> 247 | None => error <xml>Missing session cookie</xml>
227 248
228 fun fakeCallback ident after ses = 249 fun fakeCallback ident after ses =
229 av <- getCookie auth; 250 av <- getCookie auth;
252 SET Identifier = {[Some ident]} 273 SET Identifier = {[Some ident]}
253 WHERE Id = {[login.Session]}); 274 WHERE Id = {[login.Session]});
254 redirect (bless after) 275 redirect (bless after)
255 | None => error <xml>Missing session cookie</xml> 276 | None => error <xml>Missing session cookie</xml>
256 277
257 fun newSession () =
258 ses <- nextval sessionIds;
259 now <- now;
260 key <- rand;
261 dml (INSERT INTO session (Id, Key, Identifier, Expires)
262 VALUES ({[ses]}, {[key]}, NULL, {[addSeconds now M.sessionLifetime]}));
263 return {Session = ses, Key = key}
264
265 fun logon after r = 278 fun logon after r =
266 ident <- oneOrNoRowsE1 (SELECT (identity.Identifier) 279 ident <- oneOrNoRowsE1 (SELECT (identity.Identifier)
267 FROM identity 280 FROM identity
268 WHERE identity.User = {[r.User]} 281 WHERE identity.User = {[r.User]}
269 LIMIT 1); 282 LIMIT 1);
270 case ident of 283 case ident of
271 None => error <xml>Username not found</xml> 284 None => error <xml>Username not found</xml>
272 | Some ident => 285 | Some ident =>
273 ses <- newSession (); 286 ses <- newSession None;
274 setCookie auth {Value = LoggedIn (r ++ ses), 287 setCookie auth {Value = LoggedIn (r ++ ses),
275 Expires = None, 288 Expires = None,
276 Secure = M.secureCookies}; 289 Secure = M.secureCookies};
277 ses <- return ses.Session; 290 ses <- return ses.Session;
278 if M.fakeId = Some ident then 291 if M.fakeId = Some ident then
283 Realm = M.realm, 296 Realm = M.realm,
284 Identifier = Openid.KnownIdentifier ident}; 297 Identifier = Openid.KnownIdentifier ident};
285 error <xml>Login with your identity provider failed: {[msg]}</xml> 298 error <xml>Login with your identity provider failed: {[msg]}</xml>
286 299
287 fun doSignup after r = 300 fun doSignup after r =
288 ses <- newSession (); 301 ses <- newSession None;
289 setCookie auth {Value = SigningUp ses, 302 setCookie auth {Value = SigningUp ses,
290 Expires = None, 303 Expires = None,
291 Secure = M.secureCookies}; 304 Secure = M.secureCookies};
292 ses <- return ses.Session; 305 ses <- return ses.Session;
293 if M.fakeId = Some r.Identifier then 306 if M.fakeId = Some r.Identifier then
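Review bot: fakeCallback still authenticates the existing session in place (`SET Identifier = {[Some ident]}` / `WHERE Id = {[login.Session]}`, new lines 273–274), whereas callback (new lines 222–227 and 240–245) now deletes the pre-login session and issues a fresh id and key through `newSession (Some ident)`. On the fake path, a session id and key handed out before authentication therefore remain valid after login, which the rotation elsewhere appears intended to prevent. This path seems to be reached only when `M.fakeId` matches, so if it is test-only, say so above the update with `(* test-only: session is not rotated here, unlike callback *)`; otherwise give it the same DELETE / newSession / setCookie sequence as callback. Only the tail of fakeCallback is visible in this comparison, so its earlier checks are not covered by this note. Separately, the new DELETEs in callback match on Id alone while the logout DELETE also matches on Key; adding `AND Key = {[login.Key]}` (or `signup.Key`) would keep them consistent.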