From 538583cc1984428f9ff334fcba5b10ff00548ef4 Mon Sep 17 00:00:00 2001
From: martinahansen <martinahansen@74ccb610-7750-0410-82ae-013aeee3265d>
Date: Sun, 14 Mar 2010 11:22:12 +0000
Subject: [PATCH] added persistent sessions to BGB

git-svn-id: http://biopieces.googlecode.com/svn/trunk@900 74ccb610-7750-0410-82ae-013aeee3265d
---
 www/index.cgi | 167 ++++++++++++++++++++++++++++++++------------------
 1 file changed, 107 insertions(+), 60 deletions(-)

diff --git a/www/index.cgi b/www/index.cgi
index dedd080..c0235f0 100755
--- a/www/index.cgi
+++ b/www/index.cgi
@@ -85,7 +85,7 @@ sub cookie_default
 
     # Returns a hash.
 
-    my ( $cookie );
+    my ( $cookie, $session );
 
     $cookie = {};
 
@@ -108,35 +108,48 @@ sub cookie_default
     $cookie->{ 'DATA_DIR' }        = "Data";
     $cookie->{ 'SESSION_DIR' }     = "Sessions";
     $cookie->{ 'LIST_PAGES' }      = [ qw( clade genome assembly contig browse ) ];
-    $cookie->{ 'USER' }            = $cgi->param( 'user' ) || '';
+    $cookie->{ 'USER' }            = $cgi->param( 'user' );
     $cookie->{ 'PASSWORD' }        = $cgi->param( 'password' );
     $cookie->{ 'SESSION_ID' }      = $cgi->param( 'session_id' );
 
-    cookie_session( $cookie );
+    $session = session_restore( $cookie );
+
     cookie_login( $cookie );
 
-    $cookie->{ 'PAGE' }          ||= $cgi->param( 'page' )     || 'login';
+    # session_id_check( $cookie, $session );
 
-    if ( $cookie->{ 'LOGIN' } )
+    if ( $cookie->{ 'LOGIN_ERROR' } or $cookie->{ 'SESSION_ERROR' } )
+    {
+        $cookie->{ 'PAGE' } = 'login';
+    }
+    elsif ( $cookie->{ 'LOGIN' } )
     {
         if ( $cgi->param( 'genome' ) ) {
             $cookie->{ 'PAGE' } = 'browse';
         } else {
-            $cookie->{ 'PAGE' } = 'clade';
+            $cookie->{ 'PAGE' } = $session->{ 'PAGE' } || 'clade';
         }
     }
+    elsif ( not defined $cookie->{ 'USER' } )
+    {
+        $cookie->{ 'PAGE' } = 'login';
+    }
+    else
+    {
+         $cookie->{ 'PAGE' } = $cgi->param( 'page' ) || 'login';
+    }
 
-    $cookie->{ 'CLADE' }           = $cgi->param( 'clade' )    || '';
-    $cookie->{ 'GENOME' }          = $cgi->param( 'genome' )   || '';
-    $cookie->{ 'ASSEMBLY' }        = $cgi->param( 'assembly' ) || '';
-    $cookie->{ 'CONTIG' }          = $cgi->param( 'contig' )   || '';
-    $cookie->{ 'Q_ID' }            = $cgi->param( 'q_id' );
-    $cookie->{ 'NAV_START' }     ||= $cgi->param( 'nav_start' );
-    $cookie->{ 'NAV_END' }       ||= $cgi->param( 'nav_end' );
+    $cookie->{ 'CLADE' }           = $cgi->param( 'clade' )       || $session->{ 'CLADE' };
+    $cookie->{ 'GENOME' }          = $cgi->param( 'genome' )      || $session->{ 'GENOME' };
+    $cookie->{ 'ASSEMBLY' }        = $cgi->param( 'assembly' )    || $session->{ 'ASSEMBLY' };
+    $cookie->{ 'CONTIG' }          = $cgi->param( 'contig' )      || $session->{ 'CONTIG' };
+    $cookie->{ 'Q_ID' }            = $cgi->param( 'q_id' )        || $session->{ 'Q_ID' };
+    $cookie->{ 'NAV_START' }       = defined $cgi->param( 'nav_start' ) ? $cgi->param( 'nav_start' ) : $session->{ 'NAV_START' };
+    $cookie->{ 'NAV_END' }         = $cgi->param( 'nav_end' )     || $session->{ 'NAV_END' };
     $cookie->{ 'NAV_CENTER' }      = $cgi->param( 'nav_center' );
-    $cookie->{ 'S_BEG' }           = $cgi->param( 's_beg' );
-    $cookie->{ 'S_END' }           = $cgi->param( 's_end' );
-    $cookie->{ 'STRAND' }          = $cgi->param( 'strand' );
+    $cookie->{ 'S_BEG' }           = $cgi->param( 's_beg' )       || $session->{ 'S_BEG' };
+    $cookie->{ 'S_END' }           = $cgi->param( 's_end' )       || $session->{ 'S_END' };
+    $cookie->{ 'STRAND' }          = $cgi->param( 'strand' )      || $session->{ 'STRAND' };
     $cookie->{ 'ZOOM_IN1' }        = $cgi->param( 'zoom_in1' );
     $cookie->{ 'ZOOM_IN2' }        = $cgi->param( 'zoom_in2' );
     $cookie->{ 'ZOOM_IN3' }        = $cgi->param( 'zoom_in3' );
@@ -163,7 +176,7 @@ sub cookie_default
     $cookie->{ 'FEAT_COLOR' }      = [ 0, 0, 0 ];
     $cookie->{ 'FEAT_MAX' }        = 5000;   # TODO: Reduntant?
 
-    $cookie->{ 'LIST_USER' }       = Maasha::BGB::Track::list_users();
+#    $cookie->{ 'LIST_USER' }       = Maasha::BGB::Track::list_users();  # TODO: Redundant?
 
     if ( $cookie->{ 'USER' } and not $cookie->{ 'LOGIN_ERROR' } )
     {
@@ -184,53 +197,85 @@ sub cookie_default
 
     $cookie->{ 'STRAND' } = '+' if defined $cookie->{ 'STRAND' } and $cookie->{ 'STRAND' } eq ' ';   # FIXME ugly HTML fix
 
+    session_store( $cookie, $session );
+
     return wantarray ? %{ $cookie } : $cookie;
 }
 
 
-sub cookie_session
+sub session_restore
 {
-    # Martin A. Hansen, December 2009.
+    # Martin A. Hansen, March 2010.
 
-    # Check cookie information against session information.
+    # Restores session and returns this.
 
     my ( $cookie,   # cookie hash
        ) = @_;
 
-    # Returns nothing.
+    # Returns hashref.
 
     my ( $session );
 
-    $session = Maasha::BGB::Session::session_restore( "$cookie->{ 'SESSION_DIR' }/sessions.json" );
-
-    # if ( $cookie->{ 'SESSION_ID' } )
-    # {
-    #     if ( $cookie->{ 'SESSION_ID' } ne $ENV{ 'SSL_SESSION_ID' } ) {
-    #         $cookie->{ 'PAGE' } = 'login';
-    #         print STDERR "HER1\n"; # DEBUG
-    #     }
-    # }
-    # else
-    # {
-    #     $cookie->{ 'PAGE' } = 'login';
-    # 
-    #     print STDERR "HER2\n"; # DEBUG
-    # }
-
-    if ( exists $session->{ $cookie->{ 'USER' } } and $cookie->{ 'SESSION_ID' } )
+    if ( defined $cookie->{ 'USER' } and -d "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }" ) {
+        $session = Maasha::BGB::Session::session_restore( "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }/session.json" );
+    }
+
+    return wantarray ? %{ $session } : $session;
+}
+
+
+sub session_store
+{
+    # Martin A. Hansen, March 2010.
+
+    # Store a session updated with cookie information to session file.
+
+    my ( $cookie,    # cookie hash
+         $session,   # session hash
+       ) = @_;
+
+    # Returns nothing.
+
+    if ( defined $cookie->{ 'USER' } and $cookie->{ 'USER' } ne '' and -d "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }" )
     {
-        if ( $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' } ne $cookie->{ 'SESSION_ID' } ) {
-            $cookie->{ 'PAGE' } = 'login';
-            print STDERR "HER3\n"; # DEBUG
-        }
+        $session->{ 'TIME' }      = Maasha::Common::time_stamp();
+        $session->{ 'PAGE' }      = $cookie->{ 'PAGE' };
+        $session->{ 'CLADE' }     = $cookie->{ 'CLADE' };
+        $session->{ 'GENOME' }    = $cookie->{ 'GENOME' };
+        $session->{ 'ASSEMBLY' }  = $cookie->{ 'ASSEMBLY' };
+        $session->{ 'CONTIG' }    = $cookie->{ 'CONTIG' };
+        $session->{ 'Q_ID' }      = $cookie->{ 'Q_ID' };
+        $session->{ 'S_BEG' }     = $cookie->{ 'S_BEG' };
+        $session->{ 'S_END' }     = $cookie->{ 'S_END' };
+        $session->{ 'STRAND' }    = $cookie->{ 'STRAND' };
+        $session->{ 'NAV_START' } = $cookie->{ 'PAGE' } eq 'browse' ? $cookie->{ 'NAV_START' } : undef;
+        $session->{ 'NAV_END' }   = $cookie->{ 'PAGE' } eq 'browse' ? $cookie->{ 'NAV_END' }   : undef;
+
+        Maasha::BGB::Session::session_store( "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }/session.json", $session );
     }
-    else
+}
+
+
+sub session_id_check
+{
+    # Martin A. Hansen, March 2010.
+
+    # Check that the session id in the cookie and session match.
+    # Sets SESSION_ERROR flag in cookie if not matching.
+
+    my ( $cookie,    # cookie hash
+         $session,   # session hash
+       ) = @_;
+
+    # Returns nothing.
+
+    if ( defined $cookie->{ 'SESSION_ID' } and defined $session->{ 'SESSION_ID' } )
     {
-        $cookie->{ 'PAGE' } = 'login';
-        print STDERR "HER4\n";                                                                 # DEBUG
-        print STDERR "NO COOKIE SESSION ID\n" if not $cookie->{ 'SESSION_ID' };                # DEBUG
-        print STDERR "NO COOKIE USER\n"       if not $cookie->{ 'USER' };                      # DEBUG
-        print STDERR "NO SESSION USER\n"      if not exists $session->{ $cookie->{ 'USER' } }; # DEBUG
+        if ( $cookie->{ 'SESSION_ID' } ne $session->{ 'SESSION_ID' } ) {
+            $cookie->{ 'SESSION_ERROR' } = 1;
+        } else {
+            $cookie->{ 'SESSION_ERROR' } = 0;
+        }
     }
 }
 
@@ -251,19 +296,21 @@ sub cookie_login
 
     if ( defined $cookie->{ 'PASSWORD' } )
     {
-        $session = Maasha::BGB::Session::session_restore( "$cookie->{ 'SESSION_DIR' }/sessions.json" );
-    
-        if ( exists $session->{ $cookie->{ 'USER' } } and
-             $session->{ $cookie->{ 'USER' } }->{ 'PASSWORD' } eq Digest::MD5::md5_hex( $cookie->{ 'PASSWORD' } ) )
+        if ( defined $cookie->{ 'USER' } and -d "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }" )
         {
-            $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' } ||= Maasha::BGB::Session::session_new();
-            # $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' }   = $ENV{ 'SSL_SESSION_ID' };
-            $session->{ $cookie->{ 'USER' } }->{ 'TIME' }         = Maasha::Common::time_stamp();
-
-            $cookie->{ 'SESSION_ID' } = $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' };
-            $cookie->{ 'LOGIN' }      = 1;
-
-            Maasha::BGB::Session::session_store( "$cookie->{ 'SESSION_DIR' }/sessions.json", $session );
+            $session = Maasha::BGB::Session::session_restore( "$cookie->{ 'SESSION_DIR' }/$cookie->{ 'USER' }/session.json" );
+
+            if ( $session->{ 'PASSWORD' } eq Digest::MD5::md5_hex( $cookie->{ 'PASSWORD' } ) )
+            {
+                $cookie->{ 'TIME' }          = Maasha::Common::time_stamp();
+                $cookie->{ 'SESSION_ID' }  ||= Maasha::BGB::Session::session_new();
+                $cookie->{ 'LOGIN' }         = 1;
+                $cookie->{ 'LOGIN_ERROR' }   = 0;
+            }
+            else
+            {
+                $cookie->{ 'LOGIN_ERROR' } = 1;
+            }
         }
         else
         {
-- 
2.39.2