3 files changed, 241 insertions, 24 deletions

diff --git a/lib/dbug.hoon b/lib/dbug.hoon
new file mode 100644
index 0000000..ce98619
--- /dev/null
+++ b/lib/dbug.hoon
@@ -0,0 +1,155 @@
+::  dbug: agent wrapper for generic debugging tools
+::
+::    usage: %-(agent:dbug your-agent)
+::
+|%
++$  poke
+  $%  [%bowl ~]
+      [%state grab=cord]
+      [%incoming =about]
+      [%outgoing =about]
+  ==
+::
++$  about
+  $@  ~
+  $%  [%ship =ship]
+      [%path =path]
+      [%wire =wire]
+      [%term =term]
+  ==
+::
+++  agent
+  |=  =agent:gall
+  ^-  agent:gall
+  !.
+  |_  =bowl:gall
+  +*  this  .
+      ag    ~(. agent bowl)
+  ::
+  ++  on-poke
+    |=  [=mark =vase]
+    ^-  (quip card:agent:gall agent:gall)
+    ?.  ?=(%dbug mark)
+      =^  cards  agent  (on-poke:ag mark vase)
+      [cards this]
+    =/  dbug
+      !<(poke vase)
+    =;  =tang
+      ((%*(. slog pri 1) tang) [~ this])
+    ?-  -.dbug
+      %bowl   [(sell !>(bowl))]~
+    ::
+        %state
+      =?  grab.dbug  =('' grab.dbug)  '-'
+      =;  product=^vase
+        [(sell product)]~
+      =/  state=^vase
+        ::  if the underlying app has implemented a /dbug/state scry endpoint,
+        ::  use that vase in place of +on-save's.
+        ::
+        =/  result=(each ^vase tang)
+          (mule |.(q:(need (need (on-peek:ag /x/dbug/state)))))
+        ?:(?=(%& -.result) p.result on-save:ag)
+      %+  slap
+        (slop state !>([bowl=bowl ..zuse]))
+      (ream grab.dbug)
+    ::
+        %incoming
+      =;  =tang
+        ?^  tang  tang
+        [%leaf "no matching subscriptions"]~
+      %+  murn
+        %+  sort  ~(tap by sup.bowl)
+        |=  [[* a=[=ship =path]] [* b=[=ship =path]]]
+        (aor [path ship]:a [path ship]:b)
+      |=  [=duct [=ship =path]]
+      ^-  (unit tank)
+      =;  relevant=?
+        ?.  relevant  ~
+        `>[path=path from=ship duct=duct]<
+      ?:  ?=(~ about.dbug)  &
+      ?-  -.about.dbug
+        %ship  =(ship ship.about.dbug)
+        %path  ?=(^ (find path.about.dbug path))
+        %wire  %+  lien  duct
+               |=(=wire ?=(^ (find wire.about.dbug wire)))
+        %term  !!
+      ==
+    ::
+        %outgoing
+      =;  =tang
+        ?^  tang  tang
+        [%leaf "no matching subscriptions"]~
+      %+  murn
+        %+  sort  ~(tap by wex.bowl)
+        |=  [[[a=wire *] *] [[b=wire *] *]]
+        (aor a b)
+      |=  [[=wire =ship =term] [acked=? =path]]
+      ^-  (unit tank)
+      =;  relevant=?
+        ?.  relevant  ~
+        `>[wire=wire agnt=[ship term] path=path ackd=acked]<
+      ?:  ?=(~ about.dbug)  &
+      ?-  -.about.dbug
+        %ship  =(ship ship.about.dbug)
+        %path  ?=(^ (find path.about.dbug path))
+        %wire  ?=(^ (find wire.about.dbug wire))
+        %term  =(term term.about.dbug)
+      ==
+    ==
+  ::
+  ++  on-peek
+    |=  =path
+    ^-  (unit (unit cage))
+    ?.  ?=([@ %dbug *] path)
+      (on-peek:ag path)
+    ?+  path  [~ ~]
+      [%u %dbug ~]                 ``noun+!>(&)
+      [%x %dbug %state ~]          ``noun+!>(on-save:ag)
+      [%x %dbug %subscriptions ~]  ``noun+!>([wex sup]:bowl)
+    ==
+  ::
+  ++  on-init
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  on-init:ag
+    [cards this]
+  ::
+  ++  on-save   on-save:ag
+  ::
+  ++  on-load
+    |=  old-state=vase
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-load:ag old-state)
+    [cards this]
+  ::
+  ++  on-watch
+    |=  =path
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-watch:ag path)
+    [cards this]
+  ::
+  ++  on-leave
+    |=  =path
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-leave:ag path)
+    [cards this]
+  ::
+  ++  on-agent
+    |=  [=wire =sign:agent:gall]
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-agent:ag wire sign)
+    [cards this]
+  ::
+  ++  on-arvo
+    |=  [=wire =sign-arvo]
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-arvo:ag wire sign-arvo)
+    [cards this]
+  ::
+  ++  on-fail
+    |=  [=term =tang]
+    ^-  (quip card:agent:gall agent:gall)
+    =^  cards  agent  (on-fail:ag term tang)
+    [cards this]
+  --
+--
diff --git a/lib/metamask.hoon b/lib/metamask.hoon
index 4cb403b..3456692 100644
--- a/lib/metamask.hoon
+++ b/lib/metamask.hoon
@@ -1,4 +1,4 @@
-/+  naive, ethereum, server
+/+  naive, ethereum, server, sr=sortug
 =>
 |%
 +$  challenges  (set secret)
@@ -9,7 +9,8 @@
       adr=tape
       sig=tape
   ==
-+$  user-sessions  (map comet=@p id=@p)
+:: +$  user-sessions  (map coki=@ [proven=@p src=@p])
++$  user-sessions  (map coki=@ ship=@p)
 +$  sessions
   $:  =challenges
       users=user-sessions
@@ -18,11 +19,6 @@
 |_  [=sessions =bowl:gall]
 +$  sess  ^sessions
 ::  state field to keep track of users logged with metamask
-++  login  ^-  @p
-    =/  session  (~(get by users.sessions) src.bowl)
-      ?~  session  src.bowl
-      u.session
-  
   ::  this goes on the router
   ++  serve-metamask-challenge  
     |=  eyre-id=@ta
@@ -51,13 +47,19 @@
     =/  is-valid  (validate who.axn secret.axn adr.axn sig.axn)
     ~&  >>  signature-valid=[is-valid who.axn secret.axn adr.axn sig.axn]
     ?.  is-valid  ~|(%bad-metamask-signature !!)
+    
+    =/  coki-hash  session-hash
+    =/  coki  (session-cookie-string coki-hash who.axn)
     %+  weld
-    (self-poke [%auth who.axn src.bowl secret.axn])
+    (self-poke [%auth who.axn coki-hash secret.axn])
     %+  give-simple-payload:app:server
       order-id
     ^-  simple-payload:http
-    :-  :-  200
-        ~[['Content-Type' 'application/json']]
+    :-  :-  303
+      :~
+        ['set-cookie' coki]
+        ['location' '/zodiac']
+      ==
     =/  obj=json  %-  pairs:enjs:format  :~([%login-ok [%b .y]])
     `(as-octs:mimes:html (en:json:html obj))
     
@@ -129,7 +131,8 @@
       =,  dejs:format
       %.  jon
       %-  ot
-      :~  [%who (se %p)]
+      :: :~  [%who (se %p)]
+      :~  [%who ni]
           [%secret (se %uv)]
           [%address sa]
           [%signature sa]
@@ -151,19 +154,78 @@
   ::  these are the poke handlers
   ++  handle-meta
     |=  new-challenge=@  ^-  ^sessions
-    =?    users.sessions
-        !(~(has by users.sessions) src.bowl)
-      (~(put by users.sessions) [src.bowl src.bowl])
-    =?    challenges.sessions
-        =(src.bowl (~(got by users.sessions) src.bowl))
+    :: =?    users.sessions
+    ::     !(~(has by users.sessions) src.bowl)
+    ::   (~(put by users.sessions) [src.bowl src.bowl])
+    :: =?    challenges.sessions
+    ::     =(src.bowl (~(got by users.sessions) src.bowl))
+      =.  challenges.sessions
       (~(put in challenges.sessions) new-challenge)
 
     sessions
   ++  handle-auth
-    |=  [who=@p src=@p =secret]  ^-  ^sessions
-    ~&  >  "%ustj: Successful authentication of {<src>} as {<who>}."
-    =.  users.sessions        (~(put by users.sessions) src who)
+    |=  [who=@p coki=@ =secret]  ^-  ^sessions
+    :: ~&  >  "%ustj: Successful authentication of {<src>} as {<who>}."
+    =.  users.sessions        (~(put by users.sessions) coki who)
     =.  challenges.sessions   (~(del in challenges.sessions) secret)
     sessions
   
---
+  ++  session-timeout
+    |%
+    ++  auth   ~d30
+    ++  guest  ~d7
+    --
+  ++  session-hash
+    (~(raw og (shas %coki eny.bowl)) 128)
+  ++  session-cookie-string  |=  [session=@ proven=@p]
+    ^-  @t
+    =/  max-age=tape  %-  a-co:co
+      =/  its-a-me  .=(src.bowl our.bowl)
+      =,  session-timeout
+      (div (msec:milly ?:(its-a-me auth guest)) 1.000)
+    %-  crip
+      "urbneo-{(scow %p proven)}={(scow:parsing:sr %uv session)}; Path=/; Max-Age={max-age}"
+      :: "urbneo={(scow:parsing:sr %uv session)}; Path=/; Max-Age={max-age}"
+  ++  validate-coki  |=  coki=@t  ^-  (unit @p)
+    ~&  >>  validating-coki=coki
+    =/  cookies  (rush coki cock:de-purl:html)
+    ~&  cookies=cookies
+    ?~  cookies  ~
+    =/  cokis=(list [@t @t])  u.cookies
+    |-
+      ?~  cokis  ~
+      =/  hd  i.cokis
+      :: ?:  (contains:string:sr (trip hd) "urbneo")
+        ~&  key=-.hd
+        =/  hash  (slaw:parsing:sr %uv +.hd)
+        ?~  hash  $(cokis t.cokis)
+        ~&  hash=`@uv`u.hash
+        =/  sess  (~(get by users.sessions) u.hash)
+        ~&  sess=sess
+        ?~  sess  $(cokis t.cokis)
+        `u.sess
+  ++  parse-coki  |=  coki=@t
+    =/  cookies  (rush coki cock:de-purl:html)
+    ?~  cookies  users.sessions
+    =/  cokis=(list [@t @t])  u.cookies
+    |-
+      ?~  cokis  users.sessions
+      =/  hd  i.cokis
+      :: ?:  (contains:string:sr (trip hd) "urbneo")
+      ~&  key=-.hd
+      =/  hash  (slaw:parsing:sr %uv +.hd)
+      ?~  hash  $(cokis t.cokis)
+      =/  sess  (~(get by users.sessions) u.hash)
+      ?~  sess  $(cokis t.cokis)
+      (~(del by users.sessions) u.hash)
+
+  ++  logout  |=  [order-id=@t coki=@t]
+    (self-poke [%logout order-id coki])
+  ++  handle-logout  |=  [order-id=@t coki=@t]
+    ~&  handling-logout=coki
+    =/  new-users  (parse-coki coki)
+    :_  sessions(users new-users)
+    %+  give-simple-payload:app:server
+      order-id
+    (redirect:gen:server '/zodiac/login')
+  --
diff --git a/lib/sortug.hoon b/lib/sortug.hoon
index e86e163..206f23b 100644
--- a/lib/sortug.hoon
+++ b/lib/sortug.hoon
@@ -297,10 +297,10 @@
     =/  clr  (oust [(need off) (lent bit)] tape)
     $(tape :(weld (scag (need off) clr) bot (slag (need off) clr)))
     ::
-  ++  split
-    |=  [str=tape delim=tape]
-      ^-  (list tape)
-      (split-rule str (jest (crip delim)))
+    ++  split
+      |=  [str=tape delim=tape]
+        ^-  (list tape)
+        (split-rule str (jest (crip delim)))
     ++  split-rule
       |*  [str=tape delim=rule]
       ^-  (list tape)