Adding logon-status and finally with nangel's help got this working

git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@632 ab2d0c66-481e-0410-8bed-d214d4d58bed

4 files changed, 67 insertions, 31 deletions

diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua
index 3661320..e10874e 100644
--- a/app/acf-util/logon-controller.lua
+++ b/app/acf-util/logon-controller.lua
@@ -2,40 +2,38 @@
 
 module (..., package.seeall)
 
-require ("session")
-
-mvc.on_load = function(self, parent)
-	-- If they specify an invalid action or try to run init, then redirect
-	-- to the read function.
-	if ( self.conf.action == nil  or self.conf.action == "init" )  then
-		-- do what?
-	end
+--require ("session")
 	
-end
-
+mvc.on_load = function(self, parent)
+     if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then
+      self.worker[self.conf.action] = list_redir(self)
+      end
+ --logit ("logon.mvc.on_load activated")
+ end
 
 logon = function(self)
+--return ( {logon=self.model:logon(self,clientdata.userid, clientdata.password) })
 	
-	local userid=cfe({ name="userid" })
-	local password=cfe({ name="password" })
-	local logon=cfe({ name="Logon", type="submit"})
-	local s = ""
+local userid=cfe({ name="userid" })
+local password=cfe({ name="password" })
+local logon=cfe({ name="Logon", type="submit"})
+local s = ""
 
 	-- FIXME - if they are already logged in, log out first
 	
 	if clientdata.userid and clientdata.password then
-		local t = self.model.logon(self,clientdata.userid,clientdata.password)
+	local t = self.model.logon(self,clientdata.userid,clientdata.password)
 	
 		if t == nil then
-			userid.value = self.clientdata.userid
+		userid.value = self.clientdata.userid
 			userid.errtxt = "There was a problem logging in"
 		else
 		-- the login was successful - give them a new session, and redir to logged in
 			sessiondata.id = session.random_hash ( 512)
 			sessiondata.userinfo = t or {}
-			self.conf.prefix="/"
-			self.conf.controller="welcome"
-			self.conf.action = "read"
+			self.conf.prefix="/acf-util/"
+			self.conf.controller="logon"
+			self.conf.action = "status"
 			self.conf.type = "redir"
 			error (self.conf)
 		end
@@ -51,13 +49,9 @@ end
 
 
 logout = function(self)
-	self.model.logout(self, session.id)
-
+	return  { logout = self.model:logoff(clientdata.sessionid) } 
+end
 
-        -- and raise an error to go to the homepage
-	self.conf.action = ""
-	self.conf.prefix = ""
-	self.conf.controller = ""
-	self.conf.type = "redir"
-	error(self.conf)
+status = function(self)
+	return( {stats= self.model:status(clientdata.sessionid) })
 end
diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua
index 3c89a2a..03179ca 100644
--- a/app/acf-util/logon-model.lua
+++ b/app/acf-util/logon-model.lua
@@ -2,7 +2,8 @@
 
 module (..., package.seeall)
 
-local sess = require ("session")
+require ("session")
+require ("html")
 
 -- load an authenticator
 -- FIXME: use an "always true" as default?
@@ -33,11 +34,28 @@ logon = function (self, id, password )
 	end
 end
 
-logoff = function (self, sessionid)
+logoff = function (self, sessdata)
 	-- sessionid invalid?
 	-- 	record event, ignore the attempt
 	-- else
 	-- 	unlink session
 	--	issue new sessionid
+	
+	--made it so that we get a new sessionid then try to delete it
+	--need to make the whole sessiondata table go bye bye
+	delsess = session.unlink_session(self.conf.sessiondir, sessdata)
+	if delsess == true then 
+	logoff = "Successful"
+	else
+	logoff = "Incomplete or Unsuccessful logoff"
+	end	
+	sessiondata.id = session.random_hash(512) 
+	sessiondata = {}
+	return ( cfe{ {value=logoff,name="logoff"},{value=sessiondata,name="sessiondata"} })
 end
 
+status = function(self, sessdata)
+	sessid = sessdata
+	checkme = session.check_session(self.conf.sessiondir,sessdata)	
+	return ( cfe { checkme={value=checkme,name="checkme"}, sessid={value=sessid,name="sessid" } })	
+end
diff --git a/app/acf-util/logon-status-html.lsp b/app/acf-util/logon-status-html.lsp
new file mode 100644
index 0000000..78d400e
--- /dev/null
+++ b/app/acf-util/logon-status-html.lsp
@@ -0,0 +1,6 @@
+<? local view= ... ?> 
+<h1>User Status </h1>
+<p> Below is your current Session id <p>
+<?= view.stats.sessid.value ?>
+<p>User account and role information may appear below.</p>
+<pre><?= view.stats.checkme.value ?></pre>
diff --git a/lib/session.lua b/lib/session.lua
index 1c59df0..57b14d2 100644
--- a/lib/session.lua
+++ b/lib/session.lua
@@ -13,6 +13,7 @@
 module (..., package.seeall)
 
 require "posix"
+require "fs"
 
 local b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-"
 
@@ -143,11 +144,28 @@ unlink_session = function (sessionpath, session)
 		return nil
 	end
 	session = sessionpath .. "/session." .. s
-	os.remove (session)
-	return nil
+	local statos = os.remove (session)
+	return statos
 end
 
+--need to see if this is a "real"-user session or just a temp one. 
+check_session = function (sessionpath, session)
+	local fullpath = sessionpath .. "/session." .. session
+	if type(session) ~= "string" then return nil end
+	local s = string.gsub (session, "[^" .. b64 .. "]", "")
+	if s ~= session then
+		return nil
+	end
+	check_size = posix.stat(fullpath,"size")
+	if check_size == 0 then 
+	return "Null Session"
+	else
+	local c = fs.read_file(fullpath)
+	return c	
+	end
+		
 
+end
 -- Record an invalid login event 
 -- ID would typically be an ip address or username
 -- the format is lockevent.id.datetime.processid