Mercurial > openid
comparison src/ur/openidUser.ur @ 49:9c83592de908
Merge
| author | Robin Green <greenrd@greenrd.org> |
|---|---|
| date | Mon, 04 Jul 2011 17:29:13 +0100 |
| parents | 3f475c6fb168 72e942423f26 |
| children | a984dc1c8954 |
comparison
equal
deleted
inserted
replaced
| 48:3f475c6fb168 | 49:9c83592de908 |
|---|---|
| 84 val currentUrl = | 84 val currentUrl = |
| 85 b <- currentUrlHasPost; | 85 b <- currentUrlHasPost; |
| 86 if b then | 86 if b then |
| 87 return M.afterLogout | 87 return M.afterLogout |
| 88 else | 88 else |
| 89 currentUrl | 89 b <- currentUrlHasQueryString; |
| 90 if b then | |
| 91 return M.afterLogout | |
| 92 else | |
| 93 currentUrl | |
| 90 | 94 |
| 91 val current = | 95 val current = |
| 92 login <- getCookie auth; | 96 login <- getCookie auth; |
| 93 case login of | 97 case login of |
| 94 Some (LoggedIn login) => | 98 Some (LoggedIn login) => |
| 123 dml (DELETE FROM session | 127 dml (DELETE FROM session |
| 124 WHERE Id = {[login.Session]} | 128 WHERE Id = {[login.Session]} |
| 125 AND Key = {[login.Key]}) | 129 AND Key = {[login.Key]}) |
| 126 | _ => return ()); | 130 | _ => return ()); |
| 127 redirect M.afterLogout | 131 redirect M.afterLogout |
| 132 | |
| 133 fun newSession identO = | |
| 134 ses <- nextval sessionIds; | |
| 135 now <- now; | |
| 136 key <- rand; | |
| 137 dml (INSERT INTO session (Id, Key, Identifier, Expires) | |
| 138 VALUES ({[ses]}, {[key]}, {[identO]}, {[addSeconds now M.sessionLifetime]})); | |
| 139 return {Session = ses, Key = key} | |
| 128 | 140 |
| 129 fun signupDetails after = | 141 fun signupDetails after = |
| 130 let | 142 let |
| 131 fun finishSignup uid data = | 143 fun finishSignup uid data = |
| 132 if not (validUser uid) then | 144 if not (validUser uid) then |
| 153 | Some (Some ident) => | 165 | Some (Some ident) => |
| 154 cols <- M.choose user data; | 166 cols <- M.choose user data; |
| 155 case cols of | 167 case cols of |
| 156 Failure s => return (Some s) | 168 Failure s => return (Some s) |
| 157 | Success cols => | 169 | Success cols => |
| 170 dml (DELETE FROM session | |
| 171 WHERE Id = {[ses.Session]}); | |
| 172 ses <- newSession (Some ident); | |
| 158 setCookie auth {Value = LoggedIn ({User = uid} ++ ses), | 173 setCookie auth {Value = LoggedIn ({User = uid} ++ ses), |
| 159 Expires = None, | 174 Expires = None, |
| 160 Secure = M.secureCookies}; | 175 Secure = M.secureCookies}; |
| 161 | 176 |
| 162 dml (insert user ({Id = (SQL {[uid]})} ++ @Sql.sqexps M.folder M.inj cols)); | 177 dml (insert user ({Id = (SQL {[uid]})} ++ @Sql.sqexps M.folder M.inj cols)); |
| 202 WHERE session.Id = {[signup.Session]} | 217 WHERE session.Id = {[signup.Session]} |
| 203 AND session.Key = {[signup.Key]}); | 218 AND session.Key = {[signup.Key]}); |
| 204 if invalid then | 219 if invalid then |
| 205 error <xml>Invalid or expired session</xml> | 220 error <xml>Invalid or expired session</xml> |
| 206 else | 221 else |
| 207 dml (UPDATE session | 222 dml (DELETE FROM session |
| 208 SET Identifier = {[Some ident]} | |
| 209 WHERE Id = {[signup.Session]}); | 223 WHERE Id = {[signup.Session]}); |
| 224 ses <- newSession (Some ident); | |
| 225 setCookie auth {Value = SigningUp ses, | |
| 226 Expires = None, | |
| 227 Secure = M.secureCookies}; | |
| 210 signupDetails after | 228 signupDetails after |
| 211 | Some (LoggedIn login) => | 229 | Some (LoggedIn login) => |
| 212 if login.Session <> ses then | 230 if login.Session <> ses then |
| 213 error <xml>Session has changed suspiciously</xml> | 231 error <xml>Session has changed suspiciously</xml> |
| 214 else | 232 else |
| 217 WHERE session.Id = {[login.Session]} | 235 WHERE session.Id = {[login.Session]} |
| 218 AND session.Key = {[login.Key]}); | 236 AND session.Key = {[login.Key]}); |
| 219 if invalid then | 237 if invalid then |
| 220 error <xml>Invalid or expired session</xml> | 238 error <xml>Invalid or expired session</xml> |
| 221 else | 239 else |
| 222 dml (UPDATE session | 240 dml (DELETE FROM session |
| 223 SET Identifier = {[Some ident]} | |
| 224 WHERE Id = {[login.Session]}); | 241 WHERE Id = {[login.Session]}); |
| 242 ses <- newSession (Some ident); | |
| 243 setCookie auth {Value = LoggedIn ({User = login.User} ++ ses), | |
| 244 Expires = None, | |
| 245 Secure = M.secureCookies}; | |
| 225 redirect (bless after) | 246 redirect (bless after) |
| 226 | None => error <xml>Missing session cookie</xml> | 247 | None => error <xml>Missing session cookie</xml> |
| 227 | 248 |
| 228 fun fakeCallback ident after ses = | 249 fun fakeCallback ident after ses = |
| 229 av <- getCookie auth; | 250 av <- getCookie auth; |
| 252 SET Identifier = {[Some ident]} | 273 SET Identifier = {[Some ident]} |
| 253 WHERE Id = {[login.Session]}); | 274 WHERE Id = {[login.Session]}); |
| 254 redirect (bless after) | 275 redirect (bless after) |
| 255 | None => error <xml>Missing session cookie</xml> | 276 | None => error <xml>Missing session cookie</xml> |
| 256 | 277 |
| 257 fun newSession () = | |
| 258 ses <- nextval sessionIds; | |
| 259 now <- now; | |
| 260 key <- rand; | |
| 261 dml (INSERT INTO session (Id, Key, Identifier, Expires) | |
| 262 VALUES ({[ses]}, {[key]}, NULL, {[addSeconds now M.sessionLifetime]})); | |
| 263 return {Session = ses, Key = key} | |
| 264 | |
| 265 fun logon after r = | 278 fun logon after r = |
| 266 ident <- oneOrNoRowsE1 (SELECT (identity.Identifier) | 279 ident <- oneOrNoRowsE1 (SELECT (identity.Identifier) |
| 267 FROM identity | 280 FROM identity |
| 268 WHERE identity.User = {[r.User]} | 281 WHERE identity.User = {[r.User]} |
| 269 LIMIT 1); | 282 LIMIT 1); |
| 270 case ident of | 283 case ident of |
| 271 None => error <xml>Username not found</xml> | 284 None => error <xml>Username not found</xml> |
| 272 | Some ident => | 285 | Some ident => |
| 273 ses <- newSession (); | 286 ses <- newSession None; |
| 274 setCookie auth {Value = LoggedIn (r ++ ses), | 287 setCookie auth {Value = LoggedIn (r ++ ses), |
| 275 Expires = None, | 288 Expires = None, |
| 276 Secure = M.secureCookies}; | 289 Secure = M.secureCookies}; |
| 277 ses <- return ses.Session; | 290 ses <- return ses.Session; |
| 278 if M.fakeId = Some ident then | 291 if M.fakeId = Some ident then |
| 283 Realm = M.realm, | 296 Realm = M.realm, |
| 284 Identifier = Openid.KnownIdentifier ident}; | 297 Identifier = Openid.KnownIdentifier ident}; |
| 285 error <xml>Login with your identity provider failed: {[msg]}</xml> | 298 error <xml>Login with your identity provider failed: {[msg]}</xml> |
| 286 | 299 |
| 287 fun doSignup after r = | 300 fun doSignup after r = |
| 288 ses <- newSession (); | 301 ses <- newSession None; |
| 289 setCookie auth {Value = SigningUp ses, | 302 setCookie auth {Value = SigningUp ses, |
| 290 Expires = None, | 303 Expires = None, |
| 291 Secure = M.secureCookies}; | 304 Secure = M.secureCookies}; |
| 292 ses <- return ses.Session; | 305 ses <- return ses.Session; |
| 293 if M.fakeId = Some r.Identifier then | 306 if M.fakeId = Some r.Identifier then |