comparison src/ur/openidUser.ur @ 18:dd8eb53da51b

Pretend user isn't logged in when he gives bogus session data; add some documentation to openidUser.urs
author Adam Chlipala <adam@chlipala.net>
date Thu, 06 Jan 2011 15:17:15 -0500
parents df2eb629f21a
children 2342d9baa0df
comparison
equal deleted inserted replaced
17:df2eb629f21a 18:dd8eb53da51b
52 ident <- oneOrNoRowsE1 (SELECT (session.Identifier) 52 ident <- oneOrNoRowsE1 (SELECT (session.Identifier)
53 FROM session 53 FROM session
54 WHERE session.Id = {[login.Session]} 54 WHERE session.Id = {[login.Session]}
55 AND session.Key = {[login.Key]}); 55 AND session.Key = {[login.Key]});
56 case ident of 56 case ident of
57 None => error <xml>Invalid or expired session</xml> 57 None => return None
58 | Some None => return None 58 | Some None => return None
59 | Some (Some ident) => 59 | Some (Some ident) =>
60 valid <- oneRowE1 (SELECT COUNT( * ) > 0 60 valid <- oneRowE1 (SELECT COUNT( * ) > 0
61 FROM identity 61 FROM identity
62 WHERE identity.User = {[login.User]} 62 WHERE identity.User = {[login.User]}