summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorDylan William Hardison <dylan@hardison.net>2015-08-24 20:04:19 +0200
committerDylan William Hardison <dylan@hardison.net>2015-08-24 20:04:48 +0200
commitd03b432557e0422d5b0dbd32e82d36d3f9a5b68a (patch)
tree062a315373e97c80804ffcdfde989612a50003fe /Bugzilla
parent59f96419500ae8c1b87b06abb0a5cca9f165b030 (diff)
downloadbugzilla-d03b432557e0422d5b0dbd32e82d36d3f9a5b68a.tar.gz
bugzilla-d03b432557e0422d5b0dbd32e82d36d3f9a5b68a.tar.xz
Bug 1192687 - add the ability for users to view and revoke existing sessions
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Auth/Login/Cookie.pm11
-rw-r--r--Bugzilla/User/Session.pm48
2 files changed, 58 insertions, 1 deletions
diff --git a/Bugzilla/Auth/Login/Cookie.pm b/Bugzilla/Auth/Login/Cookie.pm
index e1faa52d0..46024bca4 100644
--- a/Bugzilla/Auth/Login/Cookie.pm
+++ b/Bugzilla/Auth/Login/Cookie.pm
@@ -19,7 +19,7 @@ package Bugzilla::Auth::Login::Cookie;
use strict;
use base qw(Bugzilla::Auth::Login);
-use fields qw(_login_token);
+use fields qw(_login_token _cookie);
use Bugzilla::Constants;
use Bugzilla::Error;
@@ -58,6 +58,8 @@ sub get_login_info {
@{$cgi->{'Bugzilla_cookie_list'}};
$user_id = $cookie->value if $cookie;
}
+ trick_taint($login_cookie) if $login_cookie;
+ $self->cookie($login_cookie);
# If the call is for a web service, and an api token is provided, check
# it is valid.
@@ -155,4 +157,11 @@ sub login_token {
};
}
+sub cookie {
+ my ($self, $val) = @_;
+ $self->{_cookie} = $val if @_ > 1;
+
+ return $self->{_cookie};
+}
+
1;
diff --git a/Bugzilla/User/Session.pm b/Bugzilla/User/Session.pm
new file mode 100644
index 000000000..c547867d1
--- /dev/null
+++ b/Bugzilla/User/Session.pm
@@ -0,0 +1,48 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# This Source Code Form is "Incompatible With Secondary Licenses", as
+# defined by the Mozilla Public License, v. 2.0.
+
+package Bugzilla::User::Session;
+
+use 5.10.1;
+use strict;
+
+use parent qw(Bugzilla::Object);
+
+#####################################################################
+# Overriden Constants that are used as methods
+#####################################################################
+
+use constant DB_TABLE => 'logincookies';
+use constant DB_COLUMNS => qw(
+ cookie
+ userid
+ lastused
+ ipaddr
+ id
+ restrict_ipaddr
+);
+
+use constant UPDATE_COLUMNS => qw();
+use constant VALIDATORS => {};
+use constant LIST_ORDER => 'lastused DESC';
+use constant NAME_FIELD => 'cookie';
+
+# turn off auditing and exclude these objects from memcached
+use constant { AUDIT_CREATES => 0,
+ AUDIT_UPDATES => 0,
+ AUDIT_REMOVES => 0,
+ USE_MEMCACHED => 0 };
+
+# Accessors
+sub id { return $_[0]->{id} }
+sub userid { return $_[0]->{userid} }
+sub cookie { return $_[0]->{cookie} }
+sub lastused { return $_[0]->{lastused} }
+sub ipaddr { return $_[0]->{ipaddr} }
+sub restrict_ipaddr { return $_[0]->{restrict_ipaddr} }
+
+1;