[open-ils-commits] r10296 -
branches/rel_1_2/Open-ILS/src/perlmods/OpenILS/WWW
svn at svn.open-ils.org
svn at svn.open-ils.org
Thu Aug 7 09:49:36 EDT 2008
Author: erickson
Date: 2008-08-07 09:49:30 -0400 (Thu, 07 Aug 2008)
New Revision: 10296
Modified:
branches/rel_1_2/Open-ILS/src/perlmods/OpenILS/WWW/Proxy.pm
Log:
return to login page if auth fails, existing auth session has timed out, or existing auth session does not have required perms
Modified: branches/rel_1_2/Open-ILS/src/perlmods/OpenILS/WWW/Proxy.pm
===================================================================
--- branches/rel_1_2/Open-ILS/src/perlmods/OpenILS/WWW/Proxy.pm 2008-08-07 13:49:06 UTC (rev 10295)
+++ branches/rel_1_2/Open-ILS/src/perlmods/OpenILS/WWW/Proxy.pm 2008-08-07 13:49:30 UTC (rev 10296)
@@ -112,11 +112,13 @@
)
);
return Apache2::Const::REDIRECT;
- }
+ } else {
+ return back_to_login($cgi);
+ }
}
my $user = verify_login($auth_ses);
- return Apache2::Const::FORBIDDEN unless ($user);
+ return back_to_login($cgi) unless $user;
$ws_ou ||= $user->home_ou;
@@ -127,12 +129,25 @@
->request('open-ils.actor.user.perm.check', $auth_ses, $user->id, $ws_ou, $perms)
->gather(1);
- return Apache2::Const::FORBIDDEN if (@$failures > 0);
+ return back_to_login($cgi) if (@$failures > 0);
# they're good, let 'em through
return Apache2::Const::DECLINED;
}
+sub back_to_login {
+ my $cgi = shift;
+ print $cgi->redirect(
+ -uri=>$cgi->url,
+ -cookie=>$cgi->cookie(
+ -name=>'ses',
+ -value=>'',
+ -path=>'/',-expires=>'-1h'
+ )
+ );
+ return Apache2::Const::REDIRECT;
+}
+
# returns the user object if the session is valid, 0 otherwise
sub verify_login {
my $auth_token = shift;
More information about the open-ils-commits
mailing list