Project

General

Profile

« Previous | Next » 

Revision 9531

Don't forget to set the token variable from the HTTP_AUTHORIZATION environment variable.

refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/42

View differences:

src/perl/register-dataset.cgi
5578 5578
            isValid     => 0
5579 5579
    };
5580 5580

  
5581
    my $token = "";
5582
    
5583
    if ( $ENV{'HTTP_AUTHORIZATION'} ) {
5584
        @token_parts = split(/ /, $ENV{'HTTP_AUTHORIZATION'});
5585
        $token = @token_parts[1];
5586
        
5587
    }
5588
    
5581 5589
    my $der_cert_file;
5582 5590
    my $signing_cert;
5583 5591
    
......
5607 5615
         
5608 5616
}
5609 5617

  
5618
################################################################################
5619
#
5620
# Validate the session, and return true if the session is not expired.  Support
5621
# both CGI::Session and JWT authentication token sessions, where auth tokens
5622
# take precendence.
5623
#
5624
################################################################################
5625
sub validateSession() {
5626
    
5627
    if ( $debug_enabled ) {
5628
        debug('validateSession() called.');
5629
    }
5630
    
5631
    my $token_info = getTokenInfo();
5632
    my $session = CGI::Session->load();
5633
    my $valid = 0;
5634
   
5635
    if ( $token_info{'isValid'} ) {
5636
        $valid = 1;
5637
        if ( $debug_enabled ) {
5638
                debug('The auth token session is valid.');
5639
            
5640
        }
5641
        
5642
    } else if ( ! $session->is_empty && ! $session->is_expired ) {
5643
        $valid = 1;
5644
        if ( $debug_enabled ) {
5645
                debug('The CGI session is valid.');
5646
            
5647
        }
5648
    }
5649
    
5650
    if ( $debug_enabled ) {
5651
        if ( ! $valid ) {
5652
            debug('The session is not valid.');
5653
            
5654
        }
5655
    }
5656
    
5657
    return $valid;
5658
}

Also available in: Unified diff