authorpolwex <polwex@sortug.com>2025-06-22 23:11:11 +0700
committerpolwex <polwex@sortug.com>2025-06-22 23:11:11 +0700
commit6fb80b2d94a5282c8350278e299bfcb2d0b60d40 (patch)
treebe85636f67322948181bf59519dfe998f7d7b6b1 /lib/coki.hoon
parent4e2a84761b95a29c02c77c575810ab49f2af7335 (diff)
Diffstat (limited to 'lib/coki.hoon')
-rw-r--r--lib/coki.hoon92
1 files changed, 92 insertions, 0 deletions
diff --git a/lib/coki.hoon b/lib/coki.hoon
new file mode 100644
index 0000000..39ea479
--- /dev/null
+++ b/lib/coki.hoon
@@ -0,0 +1,92 @@
+/- *coki
+/+ server, sr=sortug
+|_ [=sessions =bowl:gall]
++$ sess ^sessions
+++ session-timeout
+ |%
+ ++ host ~d30
+ ++ guest ~d7
+ --
+++ session-hash
+ (~(raw og (shas %coki eny.bowl)) 128)
+++ session-cookie-string |= [session=@ proven=@p desk=@tas]
+ ^- @t
+ =/ max-age=tape %- a-co:co
+ =/ its-a-me .=(src.bowl our.bowl)
+ =, session-timeout
+ (div (msec:milly ?:(its-a-me host guest)) 1.000)
+ %- crip
+ "urbcoki-{(trip desk)}-{(scow %p proven)}={(scow:parsing:sr %uv session)}; Path=/{(trip desk)}; HttpOnly; SameSite=Lax; Max-Age={max-age}"
+ :: "urbneo={(scow:parsing:sr %uv session)}; Path=/; Max-Age={max-age}"
+++ validate-coki |= coki=@t ^- (unit @p)
+ =/ cookies (rush coki cock:de-purl:html)
+ ~& cookies=cookies
+ ?~ cookies ~
+ =/ cokis=(list [@t @t]) u.cookies
+ |-
+ ?~ cokis ~
+ =/ hd i.cokis
+ :: ?: (contains:string:sr (trip hd) "urbneo")
+ =/ hash (slaw:parsing:sr %uv +.hd)
+ ?~ hash $(cokis t.cokis)
+ =/ sess (~(get by users.sessions) u.hash)
+ ?~ sess $(cokis t.cokis)
+ `u.sess
+++ send-self-poke |= poke=self-poke
+ ^- (list card:agent:gall)
+ :~ [%pass /gib %agent [our.bowl dap.bowl] %poke %coki !>(poke)]
+ ==
+:: handle-self-pokes
+++ handle-self-poke |= poke=self-poke
+?- -.poke
+ %meta :- ~ (handle-challenge +.poke)
+ %coki :- ~ (handle-coki +.poke)
+ %logout (handle-logout +.poke)
+==
+++ handle-challenge
+ |= new-challenge=@ ^- ^sessions
+ :: =? users.sessions
+ :: !(~(has by users.sessions) src.bowl)
+ :: (~(put by users.sessions) [src.bowl src.bowl])
+ :: =? challenges.sessions
+ :: =(src.bowl (~(got by users.sessions) src.bowl))
+ =. challenges.sessions
+ (~(put in challenges.sessions) new-challenge)
+
+ sessions
+
+
+++ parse-coki |= coki=@t
+ =/ cookies (rush coki cock:de-purl:html)
+ ?~ cookies users.sessions
+ =/ cokis=(list [@t @t]) u.cookies
+ |-
+ ?~ cokis users.sessions
+ =/ hd i.cokis
+ :: ?: (contains:string:sr (trip hd) "urbneo")
+ =/ hash (slaw:parsing:sr %uv +.hd)
+ ?~ hash $(cokis t.cokis)
+ =/ sess (~(get by users.sessions) u.hash)
+ ?~ sess $(cokis t.cokis)
+ (~(del by users.sessions) u.hash)
+
+++ logout |= [order-id=@t coki=@t redirect=@t]
+ (send-self-poke [%logout order-id coki redirect])
+
+++ handle-logout |= [order-id=@t coki=@t redirect=@t]
+ ~& handling-logout=coki
+ =/ new-users (parse-coki coki)
+ :_ sessions(users new-users)
+ %+ give-simple-payload:app:server
+ order-id
+ (redirect:gen:server redirect)
+
+ ++ handle-coki
+ |= [who=@p coki=@ =challenge] ^- ^sessions
+ :: ~& > "%ustj: Successful authentication of {<src>} as {<who>}."
+ =. users.sessions (~(put by users.sessions) coki who)
+ =. challenges.sessions (~(del in challenges.sessions) challenge)
+ sessions
+
+
+--
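Review bot: The debug prints `~& cookies=cookies` in `validate-coki` and `~& handling-logout=coki` in `handle-logout` write the request's cookies, including live session tokens, to the ship's debug output; both lines should be dropped or reduced to a non-secret marker. Separately, `handle-coki` stores only the token-to-ship pair in `users.sessions`, so the `Max-Age` derived from `session-timeout` is enforced by the browser alone and a copied token stays valid until `handle-logout` deletes it; keeping the issue time with each entry and comparing it against `now.bowl` in `validate-coki` would give server-side expiry. `validate-coki` also accepts any cookie whose value parses as a known token, because the name check is commented out, so the per-desk `urbcoki-{desk}-{ship}` name written by `session-cookie-string` is not enforced on the way back in. The cookie string sets `HttpOnly` and `SameSite=Lax` but not `Secure`, which is worth adding if the app is served over TLS.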