[cgiapp] Logistics question

Kenny Pyatt Fri, 18 Jan 2002 11:12:23 -0800

Hello,

I am working on a general user auth system.  I have a small logistical 
question for everyone.


Currently the system is planned to work like this:

1. The app checks for a cookie named username.
2. If username has a value then the app checks the database and see if 
the user is in the ActiveUsers table.
3. If the user is in the ActiveUsers Table then the action is allowed.
    else send them to the login.cgi.

This seems to be working fine with the an exception.  The cookie expires 
after 30 minutes and they get logged out.  I have a cron
job that cleans the ActiveUsers table every few minutes so that the 
inactive users are "logged out".  I am currently checking
the for the session in the index.cgi instead of the module.  I need to 
update the cookie but I am confused about how and where to do this.

I would like to move all of this out of the index.cgi and into the 
App.pm or something.  How do I implement this in the module rather than 
in the actual cgi script?  Do I need to write a sub and call it in the 
setup?  

Here is a chopped up index.cgi:

#!/usr/bin/perl -w             
                               
# Includes                     
use strict;
use CGI::Carp 'fatalsToBrowser';
use CGI;
use App;
                               
# Make a new NewApp object
my $app = App->new(TMPL_PATH => 'templates/');

my $cgi = new CGI;
my $username = $cgi->cookie('username');

if ($username ne "")
{
    # Check for the user in the database
    my $dbh = DBI->connect("DBI:mysql:$databaseName", $dbUser, $dbPass)
                      or die "Could not connect to database: " . 
DBI->errstr;
    my $sth = $dbh->prepare('SELECT username FROM Users WHERE username=? 
AND password=?');
    $sth->execute($cgi->param('username'), $cgi->param('password')) or 
die "Died at execute: " . DBI->errstr;
    my ($dbUser) = $sth->fetchrow_array;
   
    if ($dbUser ne "")
    {
        # They are valid!
        # You need to update the cookie to stop from being logged out
                         
        # Perform the action
        $app->run();
    }
}
else
{
    # They were not logged... send them to the login screen
    print "Status: 302 Moved\nLocation:login.cgi\n\n";  # find a better 
way to do this

}

Thanks,
Kenny Pyatt
President
Design Shack
www.dshack.com

PS. Thanks Jesse (for writing and distributing CGI::App... it rules) and thanks Sam 
(for HTML::Template).



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[cgiapp] Logistics question

Reply via email to