I have created a login system using the wonderful Ticket system from the
Eagle book.  I have modified TicketAccess so that after authentication,
it reviews the arguments in the query string and does push_handler, the
handler being chosen based on the args.

My only problem is that I want to provide the users with a logout button
which will delete the cookie from thier browser, yet I cannot find how!.
I have reviewed every module on my system with 'Cookie' in the name
(Apache::Cookie, CGI::Cookie, etc.) and nowhere does it tell how to do
this. There is a small mention of changing the expiration to < 0, but
apparently I am doing it wrong (possible confusing point is the use of
an 'expires' value in the cookie itself, seperate, I think, from the
'expires' attribute on the cookie?)

I know it is a lot to ask, but I am relatively new to this part of
mod_perl (pushing handlers, etc.), so if anyone can look at this and
replace my BLOCKED comments with a couple of helpfull lines, I would
greatly appreciate it! 

Thanks in advance - 

Jonathon Robison


Below is my modified TicketAccess, as well as the Logout module I am
re-directing to for logout action:
=========================================================
package FES::Apache::TicketAccess;

use strict;
use Apache::Constants qw(:common);
use FES::Apache::TicketTool ();

sub handler {
    my $r = shift;
                my %input = $r->args;                                                  
                                 # for checking input items
    my $ticketTool = FES::Apache::TicketTool->new($r);
    my($result, $msg) = $ticketTool->verify_ticket($r);
    unless ($result) {
                        $r->log_reason($msg, $r->filename);
                        my $cookie = $ticketTool->make_return_address($r);
                        $r->err_headers_out->add('Set-Cookie' => $cookie);
                        return FORBIDDEN;
    }
                ## Here is where we need to insert a push_handler insert. I won't need
                ## the requested uri from the $r, since the $r goes along for the ride
in                            ## push_handler

                my $action = defined $input{'act'} ? $input{'act'} : 'view';

                print STDERR "action is defined as $action\n";  ## DEBUGGING

                if ($action eq 'logout')  {
                        $r->push_handlers('PerlHandler' => 'FES::Control::Logout');
                        return OK;
                } elsif ($action eq 'view') {
                        $r->push_handlers('PerlHandler' => 'FES::Control::View');
                        return OK;
                }       else {
                        $r->push_handlers('PerlHandler' => 'FES::Control::View');
                        return OK;
                }
           ## ARE THOSE THE CORRECT THINGS TO 'RETURN' FOR THESE CASES?
 
}

1;
==============================================================

And the Logout.pm:

=============================================================
package FES::Control::Logout;

use strict;
use Apache;
use Apache::Constants qw(:common);
use FES::Common::Common qw( header footer);
use CGI qw/:standard/;
use CGI::Cookie;

sub handler {
        my $r = shift;
        my $q = new CGI;
        my $ticket = _get_ticket('r' => $r);

## HERE IS WHERE I NEED TO 1.) DELETE USER'S TICKET COOKIE AND
##                         2.) REDIRECT THEM TO "/FES" (w/o bringing old
$r),(WHERE THEY SHOULD GET
##                             A NEW LOGIN SCREEN BECAUSE COOKIE IS
GONE.)

}

sub _get_ticket {
        my $args = {
                'r' => undef,
                @_
                };
        my $r = $args->{'r'};
        my %cookies = CGI::Cookie->parse($r->header_in('Cookie'));            
# TESTING
        my %ticket = $cookies{'Ticket'}->value;      # TESTING
        return \%ticket;
}

1;
=====================================================

Reply via email to