use Newslash::Model::Base -base;
use Digest::MD5 qw(md5_hex md5_base64);
-use MIME::Base64;
-use Crypt::OpenSSL::Random qw(random_seed random_bytes );
use Email::Valid;
use Data::Dumper;
-# set random seed
-if (!random_seed(time())) {
- die 'random seed is not sufficient';
-}
-
-my $session_store = {};
-
-sub generate_token {
- my $randoms = random_bytes(128);
- if ($randoms) {
- return encode_base64($randoms);
- }
- return undef;
-}
-
-sub expire_token {
- my ($self, $token) = @_;
- delete $session_store->{$token};
- # TODO: delete all token associated the user
-}
-
sub authentification {
my ($self, $nickname, $passwd) = @_;
my $u = $rs->[0];
if ($self->comparePassword($passwd, $u->{passwd}, $u->{uid}, 0, 0)) {
my $user = $self->_create_user_object($u);
- my $token = $self->generate_token;
- while($session_store->{$token}) {
- $token = $self->generate_token;
- }
- $session_store->{$token} = $user;
- return $token;
+ return $user;
}
return undef;
}
-sub _get_by_token {
- my ($self, $token) = @_;
- my $user = $session_store->{$token};
-
- if ($user) {
- return $user;
- }
-
- return undef;
-}
-
sub _get {
my ($self, $key, $value) = @_;
my $dbh = $self->connect_db;
sub anonymous_user {
my $self = shift;
- my $u = $session_store->{anonymous};
- if (!$u) {
- $u = $self->select(uid => 1);
- $session_store->{anonymous} = $self->_create_user_object($u);
- }
- return $u;
+ return $self->select(uid => 1);
}
sub _create_user_object {
my ($self, $key, $value) = @_;
my $user;
- if ($key eq 'token') {
- $user = $self->_get_by_token($value);
- }
-
if ($key eq 'nickname') {
$user = $self->_get(nickname => $value);
}