[ -n "$include_session" ] && return 0
include_session="$0"
+_DATE="$(date +%s)"
+SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
+
server_key(){
IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
if [ "$(stat -c %s "$IDFILE")" -ne 512 ] || ! cat "$IDFILE"; then
}
timeid(){
- d=$(($(date +%s) % 4294967296))
+ d=$(($_DATE % 4294967296))
{ printf "$(
printf \\%o \
$((d / 16777216 % 256)) \
} | slopecode
}
-checkid(){ grep -m 1 -xE '[0-9a-zA-Z:_]{16}'; }
+checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
+
+transid(){
+ # transaction ID to modify a given file
+ local file="$1"
+ { stat -c %F%i%n%N%s%Y "$file" 2>&-
+ printf %s "$SESSION_ID"
+ server_key
+ } | sha256sum | cut -d\ -f1
+}
update_session(){
local session sid time sig serverkey checksig
IFS=- read -r sid time sig <<-END
- $(COOKIE session)
+ $(POST session_key || COOKIE session)
END
serverkey="$(server_key)"
checksig="$(printf %s "$sid" "$time" "$serverkey" | sha256sum)"
checksig="${checksig%% *}"
- d=$(date +%s)
- if [ "$checksig" != "$sig" \
- -o "$time" -lt "$d" \
- -o ! "$(printf %s "$sid" |checkid)" ] 2>&-
+ if ! [ "$checksig" = "$sig" \
+ -a "$time" -ge "$_DATE" \
+ -a "$(printf %s "$sid" |checkid)" ] 2>&-
then
- debug Setting up new session
+ debug "Setting up new session"
sid="$(randomid)"
fi
- time=$(( $(date +%s) + 7200 ))
+ time=$(( $_DATE + $SESSION_TIMEOUT ))
sig="$(printf %s "$sid" "$time" "$serverkey" |sha256sum)"
sig="${sig%% *}"
printf %s\\n "${sid}-${time}-${sig}"
}
-SESSION_ID="$(update_session)"
-SET_COOKIE 0 session="$SESSION_ID" Path=/ SameSite=Strict HttpOnly
-SESSION_ID="${SESSION_ID%%-*}"
+SESSION_KEY="$(update_session)"
+SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+SESSION_ID="${SESSION_KEY%%-*}"
projects / cgilite / blobdiff