Project

General

Profile

« Previous | Next » 

Revision 9531

Added by Chris Jones over 8 years ago

Don't forget to set the token variable from the HTTP_AUTHORIZATION environment variable.

refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/42

View differences:

register-dataset.cgi
5578 5578 
            isValid     => 0
5579 5579 
    };
5580 5580 

  		




  
  5581
  
    
    my $token = "";


  		




  
  5582
  
    
    


  		




  
  5583
  
    
    if ( $ENV{'HTTP_AUTHORIZATION'} ) {


  		




  
  5584
  
    
        @token_parts = split(/ /, $ENV{'HTTP_AUTHORIZATION'});


  		




  
  5585
  
    
        $token = @token_parts[1];


  		




  
  5586
  
    
        


  		




  
  5587
  
    
    }


  		




  
  5588
  
    
    


  		




  5581
  5589
  
    
    my $der_cert_file;


  		




  5582
  5590
  
    
    my $signing_cert;


  		




  5583
  5591
  
    
    


  		




  ......




  5607
  5615
  
    
         


  		




  5608
  5616
  
    
}


  		




  5609
  5617
  
    

  		




  
  5618
  
    
################################################################################


  		




  
  5619
  
    
#


  		




  
  5620
  
    
# Validate the session, and return true if the session is not expired.  Support


  		




  
  5621
  
    
# both CGI::Session and JWT authentication token sessions, where auth tokens


  		




  
  5622
  
    
# take precendence.


  		




  
  5623
  
    
#


  		




  
  5624
  
    
################################################################################


  		




  
  5625
  
    
sub validateSession() {


  		




  
  5626
  
    
    


  		




  
  5627
  
    
    if ( $debug_enabled ) {


  		




  
  5628
  
    
        debug('validateSession() called.');


  		




  
  5629
  
    
    }


  		




  
  5630
  
    
    


  		




  
  5631
  
    
    my $token_info = getTokenInfo();


  		




  
  5632
  
    
    my $session = CGI::Session->load();


  		




  
  5633
  
    
    my $valid = 0;


  		




  
  5634
  
    
   


  		




  
  5635
  
    
    if ( $token_info{'isValid'} ) {


  		




  
  5636
  
    
        $valid = 1;


  		




  
  5637
  
    
        if ( $debug_enabled ) {


  		




  
  5638
  
    
                debug('The auth token session is valid.');


  		




  
  5639
  
    
            


  		




  
  5640
  
    
        }


  		




  
  5641
  
    
        


  		




  
  5642
  
    
    } else if ( ! $session->is_empty && ! $session->is_expired ) {


  		




  
  5643
  
    
        $valid = 1;


  		




  
  5644
  
    
        if ( $debug_enabled ) {


  		




  
  5645
  
    
                debug('The CGI session is valid.');


  		




  
  5646
  
    
            


  		




  
  5647
  
    
        }


  		




  
  5648
  
    
    }


  		




  
  5649
  
    
    


  		




  
  5650
  
    
    if ( $debug_enabled ) {


  		




  
  5651
  
    
        if ( ! $valid ) {


  		




  
  5652
  
    
            debug('The session is not valid.');


  		




  
  5653
  
    
            


  		




  
  5654
  
    
        }


  		




  
  5655
  
    
    }


  		




  
  5656
  
    
    


  		




  
  5657
  
    
    return $valid;


  		




  
  5658
  
    
}


  		












Also available in:  Unified diff