I have created a login system using the wonderful Ticket system from the
Eagle book. I have modified TicketAccess so that after authentication,
it reviews the arguments in the query string and does push_handler, the
handler being chosen based on the args.
My only problem is that I want to provide the users with a logout button
which will delete the cookie from thier browser, yet I cannot find how!.
I have reviewed every module on my system with 'Cookie' in the name
(Apache::Cookie, CGI::Cookie, etc.) and nowhere does it tell how to do
this. There is a small mention of changing the expiration to < 0, but
apparently I am doing it wrong (possible confusing point is the use of
an 'expires' value in the cookie itself, seperate, I think, from the
'expires' attribute on the cookie?)
I know it is a lot to ask, but I am relatively new to this part of
mod_perl (pushing handlers, etc.), so if anyone can look at this and
replace my BLOCKED comments with a couple of helpfull lines, I would
greatly appreciate it!
Thanks in advance -
Jonathon Robison
Below is my modified TicketAccess, as well as the Logout module I am
re-directing to for logout action:
=========================================================
package FES::Apache::TicketAccess;
use strict;
use Apache::Constants qw(:common);
use FES::Apache::TicketTool ();
sub handler {
my $r = shift;
my %input = $r->args;
# for checking input items
my $ticketTool = FES::Apache::TicketTool->new($r);
my($result, $msg) = $ticketTool->verify_ticket($r);
unless ($result) {
$r->log_reason($msg, $r->filename);
my $cookie = $ticketTool->make_return_address($r);
$r->err_headers_out->add('Set-Cookie' => $cookie);
return FORBIDDEN;
}
## Here is where we need to insert a push_handler insert. I won't need
## the requested uri from the $r, since the $r goes along for the ride
in ## push_handler
my $action = defined $input{'act'} ? $input{'act'} : 'view';
print STDERR "action is defined as $action\n"; ## DEBUGGING
if ($action eq 'logout') {
$r->push_handlers('PerlHandler' => 'FES::Control::Logout');
return OK;
} elsif ($action eq 'view') {
$r->push_handlers('PerlHandler' => 'FES::Control::View');
return OK;
} else {
$r->push_handlers('PerlHandler' => 'FES::Control::View');
return OK;
}
## ARE THOSE THE CORRECT THINGS TO 'RETURN' FOR THESE CASES?
}
1;
==============================================================
And the Logout.pm:
=============================================================
package FES::Control::Logout;
use strict;
use Apache;
use Apache::Constants qw(:common);
use FES::Common::Common qw( header footer);
use CGI qw/:standard/;
use CGI::Cookie;
sub handler {
my $r = shift;
my $q = new CGI;
my $ticket = _get_ticket('r' => $r);
## HERE IS WHERE I NEED TO 1.) DELETE USER'S TICKET COOKIE AND
## 2.) REDIRECT THEM TO "/FES" (w/o bringing old
$r),(WHERE THEY SHOULD GET
## A NEW LOGIN SCREEN BECAUSE COOKIE IS
GONE.)
}
sub _get_ticket {
my $args = {
'r' => undef,
@_
};
my $r = $args->{'r'};
my %cookies = CGI::Cookie->parse($r->header_in('Cookie'));
# TESTING
my %ticket = $cookies{'Ticket'}->value; # TESTING
return \%ticket;
}
1;
=====================================================
