This repository has been archived by the owner on Jul 28, 2022. It is now read-only.

default to non-persistent cookies, with option to make persistent
Fabio Mascarenhas committed Mar 15, 2010
1 parent 0a93f4b commit 581f0c4
Showing 2 changed files with 31 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/mk/auth.lua
@@ -72,11 +72,11 @@ function methods:provider()
if not data then
data = { username = req.POST.username,
password = req.POST.password,
expiration = tonumber(req.POST.expiration),
persistent = req.POST.persistent,
success = req.POST.success, failure = req.POST.failure }
end
local expires = data.expiration or (os.time() + self.expiration) -- one hour
local user, message = self:login(data.username, data.password, expires)
local expires = (data.persistent and (os.time() + self.expiration)) or nil
local user, message = self:login(data.username, data.password)
if user then
res:set_cookie("mk_auth_user", { value = message, expires = expires })
return res:redirect(data.success)
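Review bot: The new call `self:login(data.username, data.password)` no longer passes an expiry, so the lifetime of the token written to `mk_auth_user` now depends on whatever `login` does by default, which this hunk does not show. If the token carries no server-side expiration, omitting the cookie's `expires` only shortens its life in the browser and a copied value would stay valid, so it is worth confirming that `login` still stamps an expiration and that `authenticate` enforces it. Separately, `data.persistent` is tested for truthiness and every Lua string is truthy, so a form post with `persistent=0` (assuming `req.POST` yields strings) still produces a persistent cookie. A stricter check such as `local persistent = data.persistent == true or data.persistent == "1"` would cover both the JSON and form values the tests use. The body of `methods:provider` starts and ends outside the hunk.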
28 changes: 28 additions & 0 deletions test/test_auth.lua
@@ -135,6 +135,22 @@ do
local status, headers, res = a:provider()(env)
assert(status == 302)
assert(headers["Location"] == "/done")
local cookie = util.url_decode(headers["Set-Cookie"]:match("mk_auth_user=(.+)"))
local user, message = a:authenticate(cookie)
assert(user == "mascarenhas")
end

do
-- successful persistent login with json data
local a = auth.new(login, login_salt, session_salt)
local env = make_env_post("json=" .. json.encode({ username = "mascarenhas",
password = "foobar",
success = "/done",
persistent = true,
failure = "/fail" }))
local status, headers, res = a:provider()(env)
assert(status == 302)
assert(headers["Location"] == "/done")
local cookie = util.url_decode(headers["Set-Cookie"]:match("mk_auth_user=(.-);"))
local user, message = a:authenticate(cookie)
assert(user == "mascarenhas")
@@ -173,6 +189,18 @@ do
local status, headers, res = a:provider()(env)
assert(status == 302)
assert(headers["Location"] == "/done")
local cookie = util.url_decode(headers["Set-Cookie"]:match("mk_auth_user=(.+)"))
local user, message = a:authenticate(cookie)
assert(user == "mascarenhas")
end

do
-- successful persistent login with regular post data
local a = auth.new(login, login_salt, session_salt)
local env = make_env_post("username=mascarenhas&password=foobar&persistent=1&success=/done&failure=/fail")
local status, headers, res = a:provider()(env)
assert(status == 302)
assert(headers["Location"] == "/done")
local cookie = util.url_decode(headers["Set-Cookie"]:match("mk_auth_user=(.-);"))
local user, message = a:authenticate(cookie)
assert(user == "mascarenhas")
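Review bot: None of these tests asserts the cookie attribute the commit is about: the default-login cases only switch the capture to `mk_auth_user=(.+)` and the persistent cases only rely on `(.-);` finding a semicolon, so the presence or absence of an expiry is checked by side effect of the pattern. An explicit assertion on the header would pin it, e.g. `assert(not headers["Set-Cookie"]:match("[Ee]xpires="))` in the default cases and `assert(headers["Set-Cookie"]:match("[Ee]xpires="))` in the persistent ones, adjusted to the attribute spelling `set_cookie` actually emits. The `(.+)` capture will also break as soon as any other attribute, such as a path or an HttpOnly flag, is appended to the cookie, so `([^;]+)` would be a sturdier capture for both variants. A form-post case with `persistent=0` would document how the provider treats a falsy-looking string.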
