From 294b1d6058ae5b893ce4682ba582c5e8e0c15555 Mon Sep 17 00:00:00 2001 From: kload Date: Mon, 4 May 2015 19:29:55 +0200 Subject: [PATCH] [fix] Use 'cache' shared table to store CDA keys and avoid infinite redirections --- access.lua | 13 +++++++------ init.lua | 2 -- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/access.lua b/access.lua index 34c8451..8ef415d 100644 --- a/access.lua +++ b/access.lua @@ -43,12 +43,13 @@ if ngx.var.host ~= conf["portal_domain"] and ngx.var.request_method == "GET" the if uri_args[conf.login_arg] then cda_key = uri_args[conf.login_arg] - -- Use the `login` shared table where a username is associated with + -- Use the `cache` shared table where a username is associated with -- a CDA key - if login[cda_key] then - hlp.set_auth_cookie(login[cda_key], ngx.var.host) - ngx.log(ngx.NOTICE, "Cross-domain authentication: "..login[cda_key].." connected on "..ngx.var.host) - login[cda_key] = nil + user = cache:get(cda_key) + if user then + hlp.set_auth_cookie(user, ngx.var.host) + ngx.log(ngx.NOTICE, "Cross-domain authentication: "..user.." connected on "..ngx.var.host) + cache:delete(cda_key) end uri_args[conf.login_arg] = nil @@ -99,7 +100,7 @@ then if not string.match(back_url, "^http[s]?://"..ngx.var.host.."/") and not string.match(back_url, ".*"..conf.login_arg.."=%d+$") then cda_key = random_string() - login[cda_key] = ngx.var.cookie_SSOwAuthUser + cache:set(cda_key, ngx.var.cookie_SSOwAuthUser, 10) if string.match(back_url, ".*?.*") then back_url = back_url.."&" else diff --git a/init.lua b/init.lua index 02371c8..cbbe0e5 100644 --- a/init.lua +++ b/init.lua @@ -24,8 +24,6 @@ socket = require "socket" -- Persistent shared table flashs = {} -login = {} -logout = {} i18n = {} -- Efficient function to get a random string