From: Paul Hänsch <paul@plutz.net>
Date: Sat, 13 Feb 2021 21:06:49 +0000 (+0100)
Subject: introduce functions for cookie based cryptographically signed session variables
X-Git-Url: https://git.plutz.net/?p=cgilite;a=commitdiff_plain;h=47a1cf6b49b7c063f1ac3f5e3b401c71de45230e

introduce functions for cookie based cryptographically signed session variables
---

diff --git a/session.sh b/session.sh
index 93cc2f4..b52ac0a 100755
--- a/session.sh
+++ b/session.sh
@@ -86,3 +86,20 @@ update_session(){
 SESSION_KEY="$(update_session)"
 SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
 SESSION_ID="${SESSION_KEY%% *}"
+
+SESSION_BIND() {
+  local key="$1" value="$2"
+  SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
+}
+
+SESSION_VAR() {
+  local key="$1"
+  local value sig
+  value="$(COOKIE "$key")"
+  sig="${value##* }" value="${value% *}"
+  if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
+    printf %s\\n "$value"
+  else
+    return 1
+  fi
+}