Hi,
I would like to write a 'remember me' plugin so that if a user clicks a checkbox on the login page it will download a cookie which will automatically log them in in future. The logic of the login process seems to be to set the persistent cookie (if the user clicks the check box) at the same time that the session cookie is set. So I have rewritten the auth_create_session sub:
sub auth_create_session {
# -------------------------------------------------------------------
my $args = shift;
my $user = $args->{Username};
GT::Plugins->action ( STOP );
# Clear out old sessions.
GT::Session::File->cleanup($CFG->{user_session_length} * 3600, $CFG->{admin_root_path} . "/sessions");
# Create a new session and save the information.
my $session = new GT::Session::File ( directory => $CFG->{admin_root_path} . "/sessions" );
$session->{data}->{username} = $user;
my $session_id = $session->{id};
$session->save;
# Now redirect to another URL and set cookies, or set URL string.
my $url = $IN->param('url');
my $remember = $IN->param('rememberme');
my $redirect = 0;
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie ( -name => 's', -value => $session_id, -path => '/' );
my $cookie_out = $IN->cookie (-name=>"rememberme", -value=> "$user", -domain => "www.domain.com", -expires=>'+6M', -path=>'/' );
if ($url) {
if ($remember) {
print $IN->redirect ( -force => 1, -cookie => [$session_cookie,$cookie_out], -url => $url );
}
else{
print $IN->redirect ( -force => 1, -cookie => [$session_cookie], -url => $url );
}
$redirect = 1;
}
else {
if ($remember) {
print $IN->redirect ( -force => 1, -cookie => [$session_cookie,$cookie_out]);
}
else{
print $IN->redirect ( -force => 1, -cookie => [$session_cookie]);
}
}
}
else {
if ($url) {
if (! ($url =~ s/([&\?]s=)([^&])/$1$session_id/)) {
$url =~ /\?/ ? ($url .= "&s=$session_id&d=1") : ($url .= "?s=$session_id&d=1");
}
print $IN->redirect ($url);
$redirect = 1;
}
else {
$IN->param ('s' => $session_id);
$IN->param ('d' => 1 );
print $IN->header();
}
}
return { session => $session_id, redirect => $redirect };
}
This is creating a seemingly infinite loop adding more and more sessions. Any ideas what is wrong with this?
I would like to write a 'remember me' plugin so that if a user clicks a checkbox on the login page it will download a cookie which will automatically log them in in future. The logic of the login process seems to be to set the persistent cookie (if the user clicks the check box) at the same time that the session cookie is set. So I have rewritten the auth_create_session sub:
Code:
sub auth_create_session {
# -------------------------------------------------------------------
my $args = shift;
my $user = $args->{Username};
GT::Plugins->action ( STOP );
# Clear out old sessions.
GT::Session::File->cleanup($CFG->{user_session_length} * 3600, $CFG->{admin_root_path} . "/sessions");
# Create a new session and save the information.
my $session = new GT::Session::File ( directory => $CFG->{admin_root_path} . "/sessions" );
$session->{data}->{username} = $user;
my $session_id = $session->{id};
$session->save;
# Now redirect to another URL and set cookies, or set URL string.
my $url = $IN->param('url');
my $remember = $IN->param('rememberme');
my $redirect = 0;
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie ( -name => 's', -value => $session_id, -path => '/' );
my $cookie_out = $IN->cookie (-name=>"rememberme", -value=> "$user", -domain => "www.domain.com", -expires=>'+6M', -path=>'/' );
if ($url) {
if ($remember) {
print $IN->redirect ( -force => 1, -cookie => [$session_cookie,$cookie_out], -url => $url );
}
else{
print $IN->redirect ( -force => 1, -cookie => [$session_cookie], -url => $url );
}
$redirect = 1;
}
else {
if ($remember) {
print $IN->redirect ( -force => 1, -cookie => [$session_cookie,$cookie_out]);
}
else{
print $IN->redirect ( -force => 1, -cookie => [$session_cookie]);
}
}
}
else {
if ($url) {
if (! ($url =~ s/([&\?]s=)([^&])/$1$session_id/)) {
$url =~ /\?/ ? ($url .= "&s=$session_id&d=1") : ($url .= "?s=$session_id&d=1");
}
print $IN->redirect ($url);
$redirect = 1;
}
else {
$IN->param ('s' => $session_id);
$IN->param ('d' => 1 );
print $IN->header();
}
}
return { session => $session_id, redirect => $redirect };
}
This is creating a seemingly infinite loop adding more and more sessions. Any ideas what is wrong with this?