X-Git-Url: https://git.plutz.net/?p=confetti;a=blobdiff_plain;f=session.sh;h=b9cef4d3dc2cdfd544b5499754bb9f489010f9b4;hp=93cc2f4e93f88c46f3d4dfea29b79ef402b8cf09;hb=fcfbf01dba9c932dbb66abffa8f65bf1c7a15081;hpb=01b13a65484a01f314d6d97c74b48216ead2bc24

diff --git a/session.sh b/session.sh
index 93cc2f4..b9cef4d 100755
--- a/session.sh
+++ b/session.sh
@@ -3,6 +3,13 @@
 [ -n "$include_session" ] && return 0
 include_session="$0"
 
+if ! which uuencode >/dev/null; then
+  uuencode() { busybox uuencode "$@"; }
+fi
+if ! which sha256sum >/dev/null; then
+  sha256sum() { busybox sha256sum "$@"; }
+fi
+
 _DATE="$(date +%s)"
 SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
 
@@ -86,3 +93,20 @@ update_session(){
 SESSION_KEY="$(update_session)"
 SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
 SESSION_ID="${SESSION_KEY%% *}"
+
+SESSION_BIND() {
+  local key="$1" value="$2"
+  SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
+}
+
+SESSION_VAR() {
+  local key="$1"
+  local value sig
+  value="$(COOKIE "$key")"
+  sig="${value##* }" value="${value% *}"
+  if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
+    printf %s\\n "$value"
+  else
+    return 1
+  fi
+}