table style

[cgilite] / session.sh

diff --git a/session.sh b/session.sh
index ca931fad9aa662ec338820bdc88be9f5018aba24..1f4699e441357303b4dd4b6e4daeff3af1bb47c8 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -75,6 +75,7 @@ checkid(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | grep -m 1 -xE '[0-9a-zA-
 
 update_session(){
   local session sid time sig checksig
+  unset SESSION_KEY SESSION_ID
 
   read -r sid time sig <<-END
        $(POST session_key || COOKIE session)
@@ -82,23 +83,38 @@ update_session(){
   
   checksig="$(session_mac "$sid" "$time")"
   
-  if ! [ "$checksig" = "$sig" \
-    -a "$time" -ge "$_DATE" \
-    -a "$(printf %s "$sid" |checkid)" ] 2>&-
+  if [ "$checksig" = "$sig" \
+       -a "$time" -ge "$_DATE" \
+       -a "$(checkid "$sid")" ] 2>&-
   then
-    debug "Setting up new session"
-    sid="$(randomid)"
+    time=$(( $_DATE + $SESSION_TIMEOUT ))
+    sig="$(session_mac "$sid" "$time")"
+
+    SESSION_KEY="${sid} ${time} ${sig}"
+    SESSION_ID="${sid}"
+    return 0
+  else
+    return 1
   fi
 
+}
+
+new_session(){
+  local sid time sig
+
+  debug "Setting up new session"
+  sid="$(randomid)"
   time=$(( $_DATE + $SESSION_TIMEOUT ))
   sig="$(session_mac "$sid" "$time")"
-  printf %s\\n "${sid} ${time} ${sig}"
+
+  SESSION_KEY="${sid} ${time} ${sig}"
+  SESSION_ID="${sid}"
 }
 
 SESSION_BIND() {
   # Set tamper-proof authenticated cookie
   local key="$1" value="$2"
-  SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
+  SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")" Path="/${_BASE#/}" SameSite=Strict HttpOnly
 }
 
 SESSION_VAR() {
@@ -114,6 +130,9 @@ SESSION_VAR() {
   fi
 }
 
-SESSION_KEY="$(update_session)"
-SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
-SESSION_ID="${SESSION_KEY%% *}"
+SESSION_COOKIE() {
+  [ "$1" = new ] && new_session
+  SET_COOKIE 0 session="$SESSION_KEY" Path="/${_BASE#/}" SameSite=Strict HttpOnly
+}
+
+update_session || new_session