venice-dynamo-rewrite/venice-data/util/session_init.js

68 lines
3.1 KiB
JavaScript
Raw Normal View History

2003-05-19 21:25:31 -06:00
// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
//
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
//
// The Original Code is the Venice Web Communities System.
//
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
//
// Contributor(s):
importPackage(Packages.com.silverwrist.dynamo.iface);
importPackage(Packages.com.silverwrist.dynamo.util);
importClass(Packages.com.silverwrist.venice.VeniceNamespaces);
importPackage(Packages.com.silverwrist.venice.session);
req = bsf.lookupBean("request"); // get request
rhelp = bsf.lookupBean("request_help"); // get request helper
if (rhelp.isRequestType("_SESSION") && rhelp.isVerb("PUT"))
{ // OK, this is a session-established event...
if (rhelp.isSessionType("HTTP"))
{ // Check to see if the user can automatically log in with a cookie.
cctrl = cast.queryCookieControl(req);
if (cctrl.isCookiePresent(venice_session.loginCookieName))
{ // retrieve and parse the cookie value
logged_in = false;
arr = stringutils.split(cctrl.getCookie(venice_session.loginCookieName),":");
s = arr[0] + "";
if (s=="VQAT2")
{ // get the user corresponding to the UID embedded in this object
new_user = vlib.lookupUser(req,cast.toInteger(arr[1]));
if (new_user!=null)
{ // attempt to authenticate with the cookie value
if (new_user.authenticate(VeniceNamespaces.SESSION_CONTROL_NAMESPACE,"cookie",arr[2],arr[3]))
{ // this is the real user we're logged in as - set it into the session
session = rhelp.getSession();
session.setObject(SessionInfoParams.NAMESPACE,SessionInfoParams.ATTR_USER,new_user);
session.setObject(SessionInfoParams.NAMESPACE,SessionInfoParams.ATTR_COOKIE_AUTH_SOURCE,arr[2]);
audit.write(req,new_user,VeniceNamespaces.USER_EVENT_NAMESPACE,"login.ok");
new_user.setLastAccessDate(new_user,new java.util.Date());
logged_in = true;
} // end if
// else authentication failed - just dump out
} // end if
// else we don't know this UID - bail out
} // end if
// else our cookie format does not match - bail out
if (!logged_in) // if we failed to log in with this cookie, delete it
cctrl.deleteCookie(venice_session.loginCookieName);
} // end if
// Now set up the established user (either the one that just logged in or Anonymous_Honyak).
dynamo.exec("/util/setup_user.js");
} // end if (session is HTTP)
} // end if (session-PUT event)