ClearPress::authenticator::session - ClearPress::authenticator::session documentation

ClearPress documentation

Contained in the ClearPress distribution.

Index

NAME
VERSION
SYNOPSIS
DESCRIPTION
SUBROUTINES/METHODS
DIAGNOSTICS
CONFIGURATION AND ENVIRONMENT
DEPENDENCIES
- strict
- warnings
- Crypt::CBC
- base
- ClearPress::authenticator
- Readonly
- Carp
- MIME::Base64
- YAML::Syck
INCOMPATIBILITIES
BUGS AND LIMITATIONS
AUTHOR
LICENSE AND COPYRIGHT

Code Index:

package ClearPress::authenticator::session
- authen_token
- encode_token
- decode_token
- key
- cipher
__END__
EOF

NAME

ClearPress::authenticator::session

VERSION

$LastChangedRevision: 348 $

SYNOPSIS

DESCRIPTION

SUBROUTINES/METHODS

authen_token - validate a token, usually from cookie

  my @aResults = $oSession->authen_token($sToken);

encode_token - encrypt and base64 encode user information

  my $sEncoded = $oSession->encode_token($hrUserData);

decode_token - decode and decrypt a token

  my $hrUserData = $oSession->decode_token($sEncoded);

key - get/set accessor for cipher key (optionally configured during construction)

  my $sKey = $oSession->key();

cipher - a configure Crypt::CBC object

  my $oCipher = $oSession->cipher();

DIAGNOSTICS

CONFIGURATION AND ENVIRONMENT

DEPENDENCIES

strict
warnings
Crypt::CBC
base
ClearPress::authenticator
Readonly
Carp
MIME::Base64
YAML::Syck

INCOMPATIBILITIES

BUGS AND LIMITATIONS

AUTHOR

$Author: Roger Pettett$

LICENSE AND COPYRIGHT

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

ClearPress documentation

Contained in the ClearPress distribution.

#########
# Author:        rmp
# Last Modified: $Date: 2010-01-04 13:02:42 +0000 (Mon, 04 Jan 2010) $
# Id:            $Id: session.pm 348 2010-01-04 13:02:42Z zerojinx $
# Source:        $Source$
# $HeadURL: https://clearpress.svn.sourceforge.net/svnroot/clearpress/trunk/lib/ClearPress/authenticator/session.pm $
#
package ClearPress::authenticator::session;
use strict;
use warnings;
use Crypt::CBC;
use base qw(ClearPress::authenticator);
use Readonly;
use Carp;
use MIME::Base64 qw(encode_base64 decode_base64);
use YAML::Tiny qw(Load Dump);

our $VERSION = do { my ($r) = q$Revision: 348 $ =~ /(\d+)/smx; $r; };

Readonly::Scalar our $KEY => q[topsecretkey];

sub authen_token {
  my ($self, $token) = @_;

  return $self->decode_token($token);
}

sub encode_token {
  my ($self, $user_hash) = @_;

  my $user_yaml = Dump($user_hash);
  my $encrypted = $self->cipher->encrypt($user_yaml);
  my $encoded   = encode_base64($encrypted);

  return $encoded;
}

sub decode_token {
  my ($self, $token) = @_;

  my $decoded = q[];
  eval {
    $decoded = decode_base64($token);
  } or do {
    carp q[Failed to decode token];
    return;
  };

  my $decrypted = q[];
  eval {
    $decrypted = $self->cipher->decrypt($decoded);
  } or do {
    carp q[Failed to decrypt token];
    return;
  };

  my $deyamled;
  eval {
    $deyamled = Load($decrypted);

  } or do {
    carp q[Failed to de-YAML token];
    return;
  };

  return $deyamled;
}

sub key {
  my ($self, $key) = @_;

  if($key) {
    $self->{key} = $key;
  }

  if($self->{key}) {
    return $self->{key};
  }

  return $KEY;
}

sub cipher {
  my $self = shift;

  if(!$self->{cipher}) {
    $self->{cipher} = Crypt::CBC->new(
				      -cipher => 'Blowfish',
				      -key    => $self->key,
				     );
  }

  return $self->{cipher};
}

1;
__END__