revert incorrect commit

This reverts commit a57b33b.
mugenken · Apr 28, 2011 · 2e2feac · 2e2feac
1 parent a57b33b
commit 2e2feac
Show file tree

Hide file tree

Showing 3 changed files with 68 additions and 21 deletions.
diff --git a/lib/CiderWebmail/Controller/Root.pm b/lib/CiderWebmail/Controller/Root.pm
@@ -58,7 +58,7 @@ sub auto : Private {
 
     if ($c->sessionid and $c->session->{'username'} and $c->req->cookie('password')) {
         $c->stash->{server} = $c->session->{server};
-        if ($c->authenticate({id => $c->session->{'username'}, password => CiderWebmail::Util::decrypt($c, { string => $c->req->cookie('password')->value }) })) {
+        if ($c->authenticate({id => $c->session->{'username'}, password => CiderWebmail::Util::decrypt($c, { username => $c->session->{'username'}, string => $c->req->cookie('password')->value }) })) {
             $c->stash( headercache => CiderWebmail::Headercache->new(c => $c) );
 
             #IMAPClient setup
@@ -102,8 +102,8 @@ sub login : Private {
 
     if ($user_data{username} and $user_data{password}) {
         if ($c->authenticate(\%user_data)) {
+            $c->res->cookies->{$_} = { expires => '+1d', value => CiderWebmail::Util::crypt($c, { username => $user_data{'username'}, string => $user_data{$_} }) } foreach qw(password); # save for repeated IMAP authentication
             $c->session->{$_} = $user_data{$_} foreach qw(username server); # save for repeated IMAP authentication
-            $c->res->cookies->{$_} = { expires => '+1d', value => CiderWebmail::Util::encrypt($c, { string => $user_data{$_} }) } foreach qw(password); # save for repeated IMAP authentication
 
             my @supported = $c->stash->{imapclient}->capability;
 

diff --git a/lib/CiderWebmail/DB/Result/DbVersion.pm b/lib/CiderWebmail/DB/Result/DbVersion.pm
@@ -0,0 +1,42 @@
+package CiderWebmail::DB::Result::DbVersion;
+
+# Created by DBIx::Class::Schema::Loader
+# DO NOT MODIFY THE FIRST PART OF THIS FILE
+
+use strict;
+use warnings;
+
+use base 'DBIx::Class::Core';
+
+
+=head1 NAME
+
+CiderWebmail::DB::Result::DbVersion
+
+=cut
+
+__PACKAGE__->table("db_version");
+
+=head1 ACCESSORS
+
+=head2 version
+
+  data_type: 'int'
+  default_value: 0
+  is_nullable: 0
+
+=cut
+
+__PACKAGE__->add_columns(
+  "version",
+  { data_type => "int", default_value => 0, is_nullable => 0 },
+);
+__PACKAGE__->set_primary_key("version");
+
+
+# Created by DBIx::Class::Schema::Loader v0.07010 @ 2011-04-19 22:10:08
+# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:xCcMFo7HtoQz9rauno9ZsA
+
+
+# You can replace this text with custom code or comments, and it will be preserved on regeneration
+1;
diff --git a/lib/CiderWebmail/Util.pm b/lib/CiderWebmail/Util.pm
@@ -183,28 +183,29 @@ sub message_group_name {
     return $name;
 }
 
-=head2 encrypt({ string => $string })
+=head2 crypt({ username => $username, string => $string })
 
 encrypt a string
 
 =cut
 
-sub encrypt {
+sub crypt {
     my ($c, $o) = @_;
 
-    croak("empty string passed to CiderWebmail::Util::decrypt") unless defined($o->{string});
-    croak("cannot encrypt without active session") unless $c->sessionid;
-
+    croak unless defined $o->{username};
+    die("empty string passed to CiderWebmail::Util::crypt") unless defined($o->{string});
     my $util = Crypt::Util->new;
 
-    my $key = CiderWebmail::Util::get_key($c);
+    my $key = CiderWebmail::Util::get_key($c, $o);
     croak("invalid key passed to CiderWebmail::Util::crypt") unless (defined($key) && (length($key) > 20));
 
     $util->default_key($key);
-    return $util->encode_string_uri_base64( $util->encrypt_string($o->{string}) );
+    my $string = $util->encode_string_uri_base64( $util->encrypt_string($o->{string}) );
+
+    return $string;
 }
 
-=head2 decrypt({ string => $string })
+=head2 decrypt({ username => $username, string => $string })
 
 decrypt a string
 
@@ -213,16 +214,16 @@ decrypt a string
 sub decrypt {
     my ($c, $o) = @_;
 
+    croak unless defined $o->{username};
     croak("empty string passed to CiderWebmail::Util::decrypt") unless defined($o->{string});
-    croak("cannot decrypt without active session") unless $c->sessionid;
-
     my $util = Crypt::Util->new;
-    my $key = CiderWebmail::Util::get_key($c);
 
+    my $key = CiderWebmail::Util::get_key($c, $o);
     croak("invalid key passed to CiderWebmail::Util::crypt") unless (defined($key) && (length($key) > 20));
-
     $util->default_key($key);
-    return $util->decrypt_string( $util->decode_string_uri_base64( $o->{string} ) );
+    my $string = $util->decrypt_string( $util->decode_string_uri_base64( $o->{string} ) );
+
+    return $string;
 }
 
 =head2 get_key()
@@ -236,14 +237,18 @@ if no key exists one will be created
 sub get_key {
     my ($c, $o) = @_;
 
-    croak("cannot fetch encryption key without active session") unless $c->sessionid;
+    croak unless defined $o->{username};
+
+    my $settings = $c->model('DB::Settings')->find_or_new({user => $o->{'username'} });
 
-    if (defined($c->session->{encryption_key}) && (length($c->session->{encryption_key}) > 20)) {
-        return $c->session->{encryption_key};
+    if (defined($settings->encryption_key) && (length($settings->encryption_key) > 20)) {
+        return $settings->encryption_key;
     }  else {
-        $c->session->{encryption_key} = encode_base64(get_weak(35));
-        chomp($c->session->{encryption_key});
-        return $c->session->{encryption_key};
+        my $new_key = encode_base64(get_weak(35));
+        chomp($new_key);
+        $settings->set_column(encryption_key => $new_key);
+        $settings->update_or_insert();
+        return $settings->encryption_key;
     }
 }