El Mar 27 Nov 2001 10:21, Jon Robison escribió: > I have created a login system using the wonderful Ticket system from the > Eagle book. I have modified TicketAccess so that after authentication, > it reviews the arguments in the query string and does push_handler, the > handler being chosen based on the args. > > My only problem is that I want to provide the users with a logout button > which will delete the cookie from thier browser, yet I cannot find how!. > I have reviewed every module on my system with 'Cookie' in the name > (Apache::Cookie, CGI::Cookie, etc.) and nowhere does it tell how to do > this. There is a small mention of changing the expiration to < 0, but > apparently I am doing it wrong (possible confusing point is the use of > an 'expires' value in the cookie itself, seperate, I think, from the > 'expires' attribute on the cookie?) > > I know it is a lot to ask, but I am relatively new to this part of > mod_perl (pushing handlers, etc.), so if anyone can look at this and > replace my BLOCKED comments with a couple of helpfull lines, I would > greatly appreciate it! > > Thanks in advance - > > Jonathon Robison > > > Below is my modified TicketAccess, as well as the Logout module I am > re-directing to for logout action: > ========================================================= > package FES::Apache::TicketAccess; > > use strict; > use Apache::Constants qw(:common); > use FES::Apache::TicketTool (); > > sub handler { > my $r = shift; > my %input = $r->args; > # for checking input items > my $ticketTool = FES::Apache::TicketTool->new($r); > my($result, $msg) = $ticketTool->verify_ticket($r); > unless ($result) { > $r->log_reason($msg, $r->filename); > my $cookie = $ticketTool->make_return_address($r); > $r->err_headers_out->add('Set-Cookie' => $cookie); > return FORBIDDEN; > } > ## Here is where we need to insert a push_handler insert. I won't need > ## the requested uri from the $r, since the $r goes along for the ride > in ## push_handler > > my $action = defined $input{'act'} ? $input{'act'} : 'view'; > > print STDERR "action is defined as $action\n"; ## DEBUGGING > > if ($action eq 'logout') { > $r->push_handlers('PerlHandler' => 'FES::Control::Logout'); > return OK; > } elsif ($action eq 'view') { > $r->push_handlers('PerlHandler' => 'FES::Control::View'); > return OK; > } else { > $r->push_handlers('PerlHandler' => 'FES::Control::View'); > return OK; > } > ## ARE THOSE THE CORRECT THINGS TO 'RETURN' FOR THESE CASES? > > } > > 1; > ============================================================== > > And the Logout.pm: > > ============================================================= > package FES::Control::Logout; > > use strict; > use Apache; > use Apache::Constants qw(:common); > use FES::Common::Common qw( header footer); > use CGI qw/:standard/; > use CGI::Cookie; > > sub handler { > my $r = shift; > my $q = new CGI; > my $ticket = _get_ticket('r' => $r); > > ## HERE IS WHERE I NEED TO 1.) DELETE USER'S TICKET COOKIE AND > ## 2.) REDIRECT THEM TO "/FES" (w/o bringing old > $r),(WHERE THEY SHOULD GET > ## A NEW LOGIN SCREEN BECAUSE COOKIE IS > GONE.) > > } > > sub _get_ticket { > my $args = { > 'r' => undef, > @_ > }; > my $r = $args->{'r'}; > my %cookies = CGI::Cookie->parse($r->header_in('Cookie')); > # TESTING > my %ticket = $cookies{'Ticket'}->value; # TESTING > return \%ticket; > } > > 1; > =====================================================
Set it again with an expiration time of 'now', i actually use it with CGI.pm You can send it with a custom invalid value, like 'invalidated', and take apropriate actions. Hans Poo