changeset 18:dd8eb53da51b

Pretend user isn't logged in when he gives bogus session data; add some documentation to openidUser.urs
author Adam Chlipala <adam@chlipala.net>
date Thu, 06 Jan 2011 15:17:15 -0500 (2011-01-06)
parents df2eb629f21a
children 5e03668972ea
files src/ur/openidUser.ur src/ur/openidUser.urs
diffstat 2 files changed, 39 insertions(+), 6 deletions(-) [+]
--- a/src/ur/openidUser.ur	Thu Jan 06 14:42:37 2011 -0500
+++ b/src/ur/openidUser.ur	Thu Jan 06 15:17:15 2011 -0500
@@ -54,7 +54,7 @@
                                     WHERE session.Id = {[login.Session]}
                                       AND session.Key = {[login.Key]});
             case ident of
-                None => error <xml>Invalid or expired session</xml>
+                None => return None
               | Some None => return None
               | Some (Some ident) =>
                 valid <- oneRowE1 (SELECT COUNT( * ) > 0
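Review bot: The new `None => return None` arm makes a cookie carrying an unknown session Id or a wrong Key indistinguishable from having no cookie at all, and nothing visible in the hunk records the mismatch or clears the cookie. Failing closed to "not logged in" is a sound outcome, but repeated bad Id/Key pairs are a useful signal of guessing or of replayed expired sessions, so a server-side log line in this arm would keep that signal. The stale cookie also appears to stay set, so each later request repeats the session lookup; clearing it in this arm would avoid that. At minimum the arm deserves a comment such as `(* Unknown session Id or wrong Key: treat as anonymous instead of raising an error *)`. The enclosing function starts and ends outside the hunk, so some of this handling may already exist elsewhere.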
--- a/src/ur/openidUser.urs	Thu Jan 06 14:42:37 2011 -0500
+++ b/src/ur/openidUser.urs	Thu Jan 06 15:17:15 2011 -0500
@@ -1,16 +1,40 @@
+(* This module provides generic user authentication functionality, backed by
+ * OpenID authentication.  Each account (named with a short alphanumeric string)
+ * is associated with one or more OpenID identifiers, any of which may be used
+ * to log in as that user.  This module provides all the code you need to sign
+ * users up, log them in, and check which user is logged in.
+ *
+ * Module author: Adam Chlipala
+ *)
+
+(* Instantiate this functor to create your customized authentication scheme. *)
 functor Make(M: sig
                  con cols :: {Type}
                  constraint [Id] ~ cols
                  val folder : folder cols
                  val inj : $(map sql_injectable cols)
-                 (* Extra columns to add to the user database table *)
+                 (* Extra columns of profile information to include in the user
+                  * database table *)
 
                  type creationState
+                 (* The type of client-side state used while soliciting sign-up
+                  * input *)
                  type creationData
+                 (* A functional representation of the latest client-side state *)
+
                  val creationState : transaction creationState
+                 (* Create some fresh client-side state. *)
+
                  val render : creationState -> xtable
+                 (* Display widgets. *)
+
                  val tabulate : creationState -> signal creationData
-                 val choose : sql_table ([Id = string] ++ cols) [Pkey = [Id]] -> creationData -> transaction $cols
+                 (* Functionalize current state. *)
+
+                 val choose : sql_table ([Id = string] ++ cols) [Pkey = [Id]]
+                              -> creationData -> transaction $cols
+                 (* Use functionalized state to choose initial column values,
+                  * given a handle to the users table. *)
 
                  val sessionLifetime : int
                  (* Number of seconds a session may live *)
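Review bot: The comments added for `creationData` and `choose` do not say that this data originates on the client. The new text describes `creationData` as a representation of client-side state, and `choose` turns it into initial column values for the users table, so whoever implements this signature presumably has to validate it on the server. I would extend the `choose` comment with `(* [creationData] comes from the client; validate it here before using it as column values. *)`. The signature continues past the end of this hunk.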
@@ -19,27 +43,36 @@
                  (* Where to send the user after he logs out *)
 
                  val secureCookies : bool
-                 (* Should authentication cookies be restricted to SSL connections? *)
+                 (* Should authentication cookies be restricted to SSL
+                  * connections? *)
 
                  val association : Openid.association_mode
                  (* OpenID cryptography preferences *)
 
                  val realm : option string
-                 (* See end of [Openid] module's documentation for the meaning of realms *)
+                 (* See end of [Openid] module's documentation for the meaning
+                  * of realms. *)
 
                  val formClass : css_class
+                 (* CSS class for <table>, <th>, and <td> elements used in
+                  * sign-up form *)
              end) : sig
 
     type user
     val show_user : show user
     val inj_user : sql_injectable_prim user
+    (* The abstract type of user IDs.  It's really [string], but this is only
+     * exposed via some standard type class instances. *)
 
     table user : ([Id = user] ++ M.cols)
       PRIMARY KEY Id
 
     val current : transaction (option user)
+    (* Figure out which, if any, user is logged in on this connection. *)
 
     val main : (string -> xbody -> transaction page) -> transaction xbody
-    (* Pass in your generic page template; get out the HTML snippet for user management *)
+    (* Pass in your generic page template; get out the HTML snippet for user
+     * management, suitable for, e.g., inclusion in your standard page
+     * header. *)
 
 end
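Review bot: The comment added for `current` does not state what a `None` result covers. Assuming the `None => return None` change in openidUser.ur sits in this function's implementation, `None` now means both "no session cookie" and "cookie with invalid or expired session data", where the latter used to raise an error. Callers get no failure signal and must treat `None` as unauthenticated, so the contract is worth spelling out. Suggested wording: `(* Figure out which, if any, user is logged in on this connection. Returns [None] both when no session cookie is present and when the session data is invalid or expired. *)`.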