- package Trog::Authz::Base;
- use strict;
- use warnings;
- no warnings 'experimental';
- use feature qw{signatures state};
- use constant 'required_params' => [];
# Build an authorizer from a hashref of parameters and run it.
#
# Every name listed by the class's required_params() must map to a true
# value in $params; a missing, empty or '0' value counts as absent and
# makes the constructor return 0 without authenticating.
# Otherwise the parameters are stored under 'params' on a new object and
# the return value is whatever do_auth() yields, which need not be the
# object itself.
sub new ($class, $params) {
    for my $name (@{ $class->required_params() }) {
        return 0 unless $params->{$name};
    }

    my $self = bless({ 'params' => $params }, $class);
    return $self->do_auth();
}
# Abstract hook: the base class has no authentication logic of its own.
# Subclasses are expected to override this; calling it here always dies.
sub do_auth {
    die("Implemented in subclass");
}
# Read or update the failure status kept on the object.
#
# With a defined argument the status is overwritten; with no argument (or an
# explicit undef) the stored value is left alone. A status that has never
# been set reads as -1, and that -1 is written back to the object.
# handle_cookie() stores 0 here after issuing a cookie.
# NOTE(review): -1 presumably means "not yet decided" - confirm with callers.
sub failed ($self, $failed = $self->{'failed'}) {
    if (defined $failed) {
        $self->{'failed'} = $failed;
    }

    # Nothing recorded so far: fall back to the -1 sentinel.
    $self->{'failed'} = -1 unless defined $self->{'failed'};

    return $self->{'failed'};
}
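# Read or replace the response headers collected on the object.
#
# Called with arguments, the whole argument list replaces any headers stored
# so far. The stored list is always returned (its element count in scalar
# context).
#
# When nothing has been stored yet the result is an empty list. The fallback
# to [] matters because dereferencing an undefined 'headers' slot under
# strict would die, so a caller asking for headers after a failed login
# would get an exception instead of "no headers".
sub headers ($self, @headers) {
    $self->{'headers'} = \@headers if @headers;
    return @{ $self->{'headers'} // [] };
}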
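# Issue the login cookie after a successful authentication.
#
# $cookie is the value to hand to the browser. A false value (undef, '', 0)
# means there is nothing to issue and the object is left untouched.
# Otherwise a Set-Cookie header for "tcmslogin" replaces the stored headers
# and failed() is set to 0. Always returns nothing.
sub handle_cookie ($self, $cookie) {
    return unless $cookie;

    # HttpOnly and SameSite=Strict are always sent. Secure is added only when
    # the recorded request scheme is exactly 'https'; a missing scheme is
    # treated as non-https (the '' fallback avoids an "uninitialized" warning).
    # NOTE(review): if TLS is terminated upstream and scheme arrives as
    # 'http', the cookie goes out without Secure - confirm how
    # params->{scheme} is derived.
    # NOTE(review): $cookie is interpolated into the header value as-is;
    # presumably it is a server-generated token. If it can ever carry
    # caller-controlled bytes, CR, LF and ';' must be rejected before here.
    # TODO maybe do rememberme with Expires=~0
    my $scheme = $self->{'params'}->{scheme} // '';
    my $secure = $scheme eq 'https' ? '; Secure' : '';

    $self->headers(
        "Set-Cookie" => "tcmslogin=$cookie; HttpOnly; SameSite=Strict$secure",
    );
    $self->failed(0);

    return;
}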
- 1;