Diffstat (limited to 'lib/metamask.hoon')
-rw-r--r--lib/metamask.hoon102
1 files changed, 82 insertions, 20 deletions
diff --git a/lib/metamask.hoon b/lib/metamask.hoon
index 4cb403b..3456692 100644
--- a/lib/metamask.hoon
+++ b/lib/metamask.hoon
@@ -1,4 +1,4 @@
-/+ naive, ethereum, server
+/+ naive, ethereum, server, sr=sortug
=>
|%
+$ challenges (set secret)
@@ -9,7 +9,8 @@
adr=tape
sig=tape
==
-+$ user-sessions (map comet=@p id=@p)
+:: +$ user-sessions (map coki=@ [proven=@p src=@p])
++$ user-sessions (map coki=@ ship=@p)
+$ sessions
$: =challenges
users=user-sessions
@@ -18,11 +19,6 @@
|_ [=sessions =bowl:gall]
+$ sess ^sessions
:: state field to keep track of users logged with metamask
-++ login ^- @p
- =/ session (~(get by users.sessions) src.bowl)
- ?~ session src.bowl
- u.session
-
:: this goes on the router
++ serve-metamask-challenge
|= eyre-id=@ta
@@ -51,13 +47,19 @@
=/ is-valid (validate who.axn secret.axn adr.axn sig.axn)
~& >> signature-valid=[is-valid who.axn secret.axn adr.axn sig.axn]
?. is-valid ~|(%bad-metamask-signature !!)
+
+ =/ coki-hash session-hash
+ =/ coki (session-cookie-string coki-hash who.axn)
%+ weld
- (self-poke [%auth who.axn src.bowl secret.axn])
+ (self-poke [%auth who.axn coki-hash secret.axn])
%+ give-simple-payload:app:server
order-id
^- simple-payload:http
- :- :- 200
- ~[['Content-Type' 'application/json']]
+ :- :- 303
+ :~
+ ['set-cookie' coki]
+ ['location' '/zodiac']
+ ==
=/ obj=json %- pairs:enjs:format :~([%login-ok [%b .y]])
`(as-octs:mimes:html (en:json:html obj))
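Review bot: The added lines mint `coki-hash` and send `set-cookie` as soon as `is-valid` passes, but nothing visible in this hunk checks that `secret.axn` is a challenge this agent issued and has not yet consumed. If that test is not made above the hunk (the arm starts outside it), an already-signed challenge could be presented again to obtain a fresh session; a guard such as `?. (~(has in challenges.sessions) secret.axn) ~|(%unknown-challenge !!)` before `session-hash` would close that. Separately, the `login-ok` JSON body is still attached to the 303 although the `Content-Type` header was dropped; either drop the body or keep the header.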
@@ -129,7 +131,8 @@
=, dejs:format
%. jon
%- ot
- :~ [%who (se %p)]
+ :: :~ [%who (se %p)]
+ :~ [%who ni]
[%secret (se %uv)]
[%address sa]
[%signature sa]
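Review bot: The `who` field changes wire format here without any explanation, from a `@p` string to a JSON number parsed by `ni`, and the old parser is left behind as a commented-out line. I would delete the dead line and document the new format instead, e.g. `:: who is sent by the client as a decimal number and is treated as a @p by handle-auth`. The enclosing arm starts and ends outside the hunk, so whether the parsed number is checked before being used as a ship is not visible here.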
@@ -151,19 +154,78 @@
:: these are the poke handlers
++ handle-meta
|= new-challenge=@ ^- ^sessions
- =? users.sessions
- !(~(has by users.sessions) src.bowl)
- (~(put by users.sessions) [src.bowl src.bowl])
- =? challenges.sessions
- =(src.bowl (~(got by users.sessions) src.bowl))
+ :: =? users.sessions
+ :: !(~(has by users.sessions) src.bowl)
+ :: (~(put by users.sessions) [src.bowl src.bowl])
+ :: =? challenges.sessions
+ :: =(src.bowl (~(got by users.sessions) src.bowl))
+ =. challenges.sessions
(~(put in challenges.sessions) new-challenge)
sessions
++ handle-auth
- |= [who=@p src=@p =secret] ^- ^sessions
- ~& > "%ustj: Successful authentication of {<src>} as {<who>}."
- =. users.sessions (~(put by users.sessions) src who)
+ |= [who=@p coki=@ =secret] ^- ^sessions
+ :: ~& > "%ustj: Successful authentication of {<src>} as {<who>}."
+ =. users.sessions (~(put by users.sessions) coki who)
=. challenges.sessions (~(del in challenges.sessions) secret)
sessions
---
+ ++ session-timeout
+ |%
+ ++ auth ~d30
+ ++ guest ~d7
+ --
+ ++ session-hash
+ (~(raw og (shas %coki eny.bowl)) 128)
+ ++ session-cookie-string |= [session=@ proven=@p]
+ ^- @t
+ =/ max-age=tape %- a-co:co
+ =/ its-a-me .=(src.bowl our.bowl)
+ =, session-timeout
+ (div (msec:milly ?:(its-a-me auth guest)) 1.000)
+ %- crip
+ "urbneo-{(scow %p proven)}={(scow:parsing:sr %uv session)}; Path=/; Max-Age={max-age}"
+ :: "urbneo={(scow:parsing:sr %uv session)}; Path=/; Max-Age={max-age}"
+ ++ validate-coki |= coki=@t ^- (unit @p)
+ ~& >> validating-coki=coki
+ =/ cookies (rush coki cock:de-purl:html)
+ ~& cookies=cookies
+ ?~ cookies ~
+ =/ cokis=(list [@t @t]) u.cookies
+ |-
+ ?~ cokis ~
+ =/ hd i.cokis
+ :: ?: (contains:string:sr (trip hd) "urbneo")
+ ~& key=-.hd
+ =/ hash (slaw:parsing:sr %uv +.hd)
+ ?~ hash $(cokis t.cokis)
+ ~& hash=`@uv`u.hash
+ =/ sess (~(get by users.sessions) u.hash)
+ ~& sess=sess
+ ?~ sess $(cokis t.cokis)
+ `u.sess
+ ++ parse-coki |= coki=@t
+ =/ cookies (rush coki cock:de-purl:html)
+ ?~ cookies users.sessions
+ =/ cokis=(list [@t @t]) u.cookies
+ |-
+ ?~ cokis users.sessions
+ =/ hd i.cokis
+ :: ?: (contains:string:sr (trip hd) "urbneo")
+ ~& key=-.hd
+ =/ hash (slaw:parsing:sr %uv +.hd)
+ ?~ hash $(cokis t.cokis)
+ =/ sess (~(get by users.sessions) u.hash)
+ ?~ sess $(cokis t.cokis)
+ (~(del by users.sessions) u.hash)
+
+ ++ logout |= [order-id=@t coki=@t]
+ (self-poke [%logout order-id coki])
+ ++ handle-logout |= [order-id=@t coki=@t]
+ ~& handling-logout=coki
+ =/ new-users (parse-coki coki)
+ :_ sessions(users new-users)
+ %+ give-simple-payload:app:server
+ order-id
+ (redirect:gen:server '/zodiac/login')
+ --
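Review bot: `validate-coki` and `handle-logout` print the raw cookie header and the matched session hash with `~&` (`validating-coki=coki`, `cookies=cookies`, `hash=...`, `sess=sess`, `handling-logout=coki`), so every request writes a live bearer token to the ship's console output; those lines should be removed before this is deployed. The cookie built in `session-cookie-string` carries only `Path` and `Max-Age`; I would append `; HttpOnly; SameSite=Lax` to the string (and `; Secure` if the site is only served over TLS) so page script cannot read the token and cross-site requests do not carry it. `session-timeout` is only turned into `Max-Age`, while `user-sessions` stores just `coki -> ship`, so from what is visible the server never expires an entry and a copied token stays valid until `handle-logout` removes it; storing an issue time next to the ship and checking it in `validate-coki` would enforce the timeout server-side. Both cookie walkers also accept any cookie whose value parses as `%uv`, because the `urbneo` name test is commented out.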