A session-leader doesn't have to be a resource anymore. Added
session-leader-resource for those relying on the old behaviour.
This commit is contained in:
@ -16,7 +16,7 @@
|
||||
|
||||
;;; Ephemeral cookie-based session management
|
||||
|
||||
(defclass session-leader (resource)
|
||||
(defclass session-leader ()
|
||||
((sessions :initform (make-hash-table :test #'equal)
|
||||
:reader session-leader-sessions)
|
||||
(session-name :initform "SESSIONID" :initarg :session-name
|
||||
@ -40,10 +40,6 @@ session id, which is then returned."))
|
||||
(setf (gethash new-id (session-leader-sessions leader)) data)
|
||||
new-id))
|
||||
|
||||
(defgeneric session-leader-process-login (leader request)
|
||||
(:documentation
|
||||
"Process the :post request to handle a login."))
|
||||
|
||||
(defmacro with-new-session ((leader data) &body body)
|
||||
`(let ((leader ,leader)
|
||||
(data ,data)
|
||||
@ -55,24 +51,20 @@ session id, which is then returned."))
|
||||
(session-leader-session-path leader))))
|
||||
result))
|
||||
|
||||
(defmethod access-resource-using-method
|
||||
((resource session-leader) request (method (eql :POST)))
|
||||
(session-leader-process-login resource request))
|
||||
|
||||
(defgeneric get-session-data (leader request)
|
||||
(:documentation
|
||||
"Lookup a possible session-data item bound to the session id that
|
||||
is included in a Cookie header in the given request. Returns nil of
|
||||
no corresponding session-data item can be found."))
|
||||
|
||||
(defmethod get-session-data ((resource session-leader) request)
|
||||
(defmethod get-session-data ((leader session-leader) request)
|
||||
(when (header-exists-p request 'cookie)
|
||||
(let* ((session-name (session-leader-session-name resource))
|
||||
(let* ((session-name (session-leader-session-name leader))
|
||||
(cookie (assoc session-name (header-value request 'cookie)
|
||||
:test #'string-equal)))
|
||||
(when cookie
|
||||
(gethash (cdr cookie)
|
||||
(session-leader-sessions resource)
|
||||
(session-leader-sessions leader)
|
||||
nil)))))
|
||||
|
||||
(defclass sessioned-resource (resource)
|
||||
@ -101,3 +93,16 @@ is invoked to handle the request."
|
||||
(if ,var
|
||||
(progn ,@body)
|
||||
(handle-missing-session ,res-var ,req-var)))))
|
||||
|
||||
;;; Hack for limited backwards compatability
|
||||
|
||||
(defclass session-leader-resource (resource session-leader)
|
||||
())
|
||||
|
||||
(defgeneric session-leader-process-login (leader request)
|
||||
(:documentation
|
||||
"Process the :post request to handle a login."))
|
||||
|
||||
(defmethod access-resource-using-method
|
||||
((resource session-leader-resource) request (method (eql :POST)))
|
||||
(session-leader-process-login resource request))
|
||||
|
||||
Reference in New Issue
Block a user