introduce functions for cookie based cryptographically signed session variables

diff --git a/session.sh b/session.sh
index 93cc2f4e93f88c46f3d4dfea29b79ef402b8cf09..b52ac0a5cc6fab71ba8a7926c27ac692a5c867de 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -86,3 +86,20 @@ update_session(){
 SESSION_KEY="$(update_session)"
 SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
 SESSION_ID="${SESSION_KEY%% *}"
+
+SESSION_BIND() {
+  local key="$1" value="$2"
+  SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
+}
+
+SESSION_VAR() {
+  local key="$1"
+  local value sig
+  value="$(COOKIE "$key")"
+  sig="${value##* }" value="${value% *}"
+  if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
+    printf %s\\n "$value"
+  else
+    return 1
+  fi
+}