X-Git-Url: http://git.kpe.io/?p=wol.git;a=blobdiff_plain;f=sessions.lisp;h=727ad4bfabaceb57512a9af446d0e8c90c5893fa;hp=045d0dde0ef0cb446407b4ded0482a4d82ba33c5;hb=115593575b49ab252692a959380e94707e385de3;hpb=e74e1fd67746e37a630a1c9f8251467ba4254508

diff --git a/sessions.lisp b/sessions.lisp
index 045d0dd..727ad4b 100644
--- a/sessions.lisp
+++ b/sessions.lisp
@@ -7,7 +7,7 @@
 ;;;; Programmer:    Kevin M. Rosenberg
 ;;;; Date Started:  July 2003
 ;;;;
-;;;; $Id: sessions.lisp,v 1.3 2003/07/16 20:40:43 kevin Exp $
+;;;; $Id$
 ;;;;
 ;;;; This file and Wol are Copyright (c) 2003 by Kevin M. Rosenberg
 ;;;; *************************************************************************
@@ -15,48 +15,52 @@
 (in-package #:wol)
 
 
-(defun make-new-session-id ()
-  (random-string :length 24 :set :lower-alphanumeric))
-
-(defun ensure-websession (key req ent method)
-  "Find or make websession for key"
+(defun find-websession (key ent)
   (let ((sessions (sessions (session-master (entity-project ent)))))
-    ;; if sessions doesn't exist, then project is not session enabled
-    (when sessions
-      (cond 
-       ((null key)
-	(make-websession req ent method))
-       (t
-	(maphash
-	 (lambda (k v)
-	   (declare (ignore k))
-	   (when (equal key (websession-key v))
-	     (setf (websession-lastref v) (get-universal-time))
-	     (return-from ensure-websession v)))
-	 sessions)
-	(make-websession req ent method))))))
+    (maphash
+     (lambda (k v)
+       (declare (ignore k))
+       (when (equal key (websession-key v))
+	 (setf (websession-lastref v) (get-universal-time))
+	 (return-from find-websession v)))
+     sessions)
+    nil))
+
+(defun is-session-enabled (ent)
+  (not (null (sessions (session-master (entity-project ent))))))
 
   
-(defun make-websession (req ent method)
-  (let* ((key (random-string :length 24 :set :lower-alphanumeric))
+(defun make-websession (req ent)
+  (let* ((key (random-string :length +length-session-id+
+			     :set :lower-alphanumeric))
 	 (sess (make-instance 'websession
 		 :key key
 		 :lastref (get-universal-time)
 		 :lifetime (lifetime (session-master (entity-project ent)))
-		 :method method))
+		 :method :try-cookie))
 	 (hash (sessions (session-master (entity-project ent)))))
     (when hash
       (setf (gethash key hash) sess)
       (setf (websession-from-req req) sess)
       sess)))
 
-(defun compute-session (req ent)
-  (awhen (and (request-plist req)
-	      (getf (request-plist req) :session-id))
-	 (setf (websession-from-req req) 
-	   (ensure-websession it req ent :uri))))
-
 
+(defun compute-session (req ent url-session-id)
+  (when (is-session-enabled ent)
+    (let* ((cookie-session-id (cookie-session-key ent (request-cookies req)))
+	   (session-id (or url-session-id cookie-session-id))
+	   (found-session (when session-id
+			    (find-websession session-id ent)))
+	   (session (aif found-session
+			 it
+			 (make-websession req ent))))
+      (cond
+	(cookie-session-id
+	 (setf (websession-method session) :cookies))
+	(url-session-id
+	 (setf (websession-method session) :url)))
+      (setf (websession-from-req req) session))))
+  
 
 ;;; Reap expired sessions
 
@@ -93,8 +97,17 @@
 (defmethod flush-expired (s)
   (let ((sessions (sessions (session-master (cdr s)))))
     (remhash (car s) sessions)
-    (add-log-entry (cdr s) "flush expired session: key=~A" (websession-key (car s)))))
+    (add-log-entry (cdr s) "flush expired session: key=~A" 
+		   (websession-key (car s)))))
 
 (defun is-session-expired (ws)
   (> (get-universal-time)  (+ (websession-lastref ws)
 			      (websession-lifetime ws))))
+
+(defun is-raw-session-id (str)
+  (and (stringp str)
+       (> (length str) 2)
+       (char= #\~ (schar str 0) (schar str (1- (length str))))))
+
+(defun raw-session-id->session-id (str)
+  (subseq str 1 (1- (length str))))