Diffstat (limited to 'perllib/FixMyStreet')
-rw-r--r-- | perllib/FixMyStreet/App.pm | 2 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 10 | ||||
-rw-r--r-- | perllib/FixMyStreet/TestMech.pm | 24 |
3 files changed, 33 insertions, 3 deletions
diff --git a/perllib/FixMyStreet/App.pm b/perllib/FixMyStreet/App.pm
index 6728ebef8..2ae90c2fa 100644
--- a/perllib/FixMyStreet/App.pm
+++ b/perllib/FixMyStreet/App.pm
@@ -15,7 +15,7 @@ use Catalyst (
 'Unicode',
 'Session',
 'Session::Store::DBIC',
- 'Session::State::Cookie',
+ 'Session::State::Cookie', # FIXME - we're using our own override atm
 'Authentication',
 );
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 16f0b994c..7526c2c25 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -48,8 +48,9 @@ Allow the user to legin with a username and a password.
 sub login : Private {
 my ( $self, $c ) = @_;
- my $email = $c->req->param('email') || '';
- my $password = $c->req->param('password') || '';
+ my $email = $c->req->param('email') || '';
+ my $password = $c->req->param('password') || '';
+ my $remember_me = $c->req->param('remember_me') || 0;
 # logout just in case
 $c->logout();
@@ -58,6 +59,11 @@ sub login : Private {
 && $password
 && $c->authenticate( { email => $email, password => $password } ) )
 {
+
+ # unless user asked to be remembered limit the session to browser
+ $c->set_session_cookie_expire(0)
+ unless $remember_me;
+
 $c->res->redirect( $c->uri_for('/my') );
 return;
 }
diff --git a/perllib/FixMyStreet/TestMech.pm b/perllib/FixMyStreet/TestMech.pm
index 3d011d708..c16f288c8 100644
--- a/perllib/FixMyStreet/TestMech.pm
+++ b/perllib/FixMyStreet/TestMech.pm
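Review bot: The POD for `login`, of which only the line "Allow the user to legin with a username and a password." is visible in the hunk header at `@@ -48,8 +48,9 @@`, does not mention the new `remember_me` request parameter read at the top of the sub. I would add a sentence such as `If the remember_me parameter is false or absent the session cookie is limited to the browser session.` and correct "legin" to "login" while there. The POD block itself and the rest of `login` lie outside this hunk.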
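Review bot: Only the cookie's lifetime is changed in the success branch at `@@ -58,6 +59,11 @@`; nothing in the visible lines of `login` rotates the session id once `$c->authenticate` has succeeded, so an id that existed before login appears to stay valid afterwards, and with remember-me it stays valid for the whole cookie lifetime. Catalyst::Plugin::Session provides `$c->change_session_id;`, which could be called as the first statement of the success branch, before `set_session_cookie_expire`; whether the local State::Cookie override mentioned in App.pm already does this cannot be seen here. It is also worth confirming that the server-side expiry of the DBIC session store bounds a non-remembered session, since `set_session_cookie_expire(0)` presumably affects only what the browser keeps. The `if` condition starts above this hunk.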
@@ -280,4 +280,28 @@ sub visible_form_values {
 return \%params;
 }
+=head2 session_cookie_expiry
+
+ $expiry = $mech->session_cookie_expiry( );
+
+Returns the current expiry time for the session cookie. Might be '0' which
+indicates it expires at end of browser session.
+
+=cut
+
+sub session_cookie_expiry {
+ my $mech = shift;
+
+ my $cookie_name = 'fixmystreet_app_session';
+ my $expires = 'not found';
+
+ $mech #
+ ->cookie_jar #
+ ->scan( sub { $expires = $_[8] if $_[1] eq $cookie_name } );
+
+ croak "Could not find cookie '$cookie_name'" if $expires eq 'not found';
+
+ return $expires || 0;
+}
+
 1; |
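Review bot: The `'not found'` sentinel in `session_cookie_expiry` is compared with `eq` against whatever the scan callback stored, so when the jar reports no expiry for the cookie (the browser-session case the POD describes) `$expires` is undef and, under `use warnings`, the `croak` guard emits an uninitialized-value warning before `|| 0` is reached. Tracking presence separately avoids that: `my ( $found, $expires );`, `->scan( sub { ( $found, $expires ) = ( 1, $_[8] ) if $_[1] eq $cookie_name } );` and `croak "Could not find cookie '$cookie_name'" unless $found;`. The callback matches on name only, so if the jar holds that cookie for more than one domain or path the last one scanned wins; a short comment saying so would help readers of the tests.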