From ae2d160f9e829c1ab0f40708d479f0876d5deeee Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Fri, 26 Jun 2015 14:52:05 +0200 Subject: [PATCH] Some fixes in API Key and session handling --- vroom.pl | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/vroom.pl b/vroom.pl index 395d120..d135a30 100755 --- a/vroom.pl +++ b/vroom.pl @@ -156,7 +156,7 @@ helper get_name => sub { # And a new API key helper login => sub { my $self = shift; - if ($self->session('id')){ + if ($self->session('id') && $self->session('id') ne ''){ return 1; } my $id = $self->get_random(256); @@ -168,8 +168,8 @@ helper login => sub { }; $sth->execute($key); $self->session( - id => $id, - key => $key + id => $id, + key => $key ); $self->app->log->info($self->get_name . " logged in from " . $self->tx->remote_address); return 1; @@ -188,6 +188,11 @@ helper logout => sub { $peers->{$self->session('peer_id')}->{socket}){ $peers->{$self->session('peer_id')}->{socket}->finish; } + my $sth = eval { + $self->db->prepare('DELETE FROM `api_keys` + WHERE `token`=?'); + }; + $sth->execute($self->session('key')); $self->app->log->info($self->get_name . " logged out"); $self->session( expires => 1 ); return 1;