Perl CGI – Session en Cookie howto
Inleiding –
Bijna 1 jaar terug, worstelde ik veel voor de uitvoering van sessie en cookie in Perl CGI-toepassing. Dus dacht om mijn werk met jullie allemaal delen.
Ik wilde het doen op mijn manier …
Aanname, is uw webserver bijvoorbeeld Apache ingesteld om CGI-scripts draaien
Step 1] Write Auth.pm Perl module –
Please simply copy following Auth.pm perl module for authentication using Session and Cookies…
[root@arun ~]# cat /var/application/module/Auth.pm
package Auth;
### Subroutine to authenticate user
sub User
{
my ($ref_page) = (@_);
### Session information
my $sid = $ref_page->cookie(“APP_SID”) || undef;
my $session = CGI::Session->load(undef,$sid);
if ( $session->is_expired ) { print $ref_page->redirect(-location => ‘../arun.html’);}
elsif ( $session->is_empty) { print $ref_page->redirect(-location => ‘../arun.html’);}
else { print $ref_page->header();}
# don’t forget to create dir ‘/var/tmp’
# with proper ownership/permission
#$session = new CGI::Session(undef, $sid, {Directory=>’/var/tmp’});
#################################################
return($session->param(‘login_user’));
}
1;
[root@arun ~]#
Step 2] authe_me.pl –
authe_me.pl file is used to set cookies and verify username/password. You may use MySQL DB to store username and password.
In this case you have to this file…
[root@arun ~]# cat /var/application/www/cgi-bin/auth_me.pl
#!/usr/bin/perl
sub BEGIN
{
unshift (@INC, ‘/var/application/module/’);
}
use strict;
use warnings;
use CGI qw(:standard);
use CGI::Session;
use Auth; ## our module
### Header
########################
my $page = CGI->new();
##print $page->header();
##########
if ( $ENV{REQUEST_METHOD} eq “POST” )
{
my %form;
my $session_dir=”/var/tmp”;
my ($admin_user,$admin_password) = (“admin”,”arun123″);
foreach my $key (param()) { $form{$key} = param($key);}
##
if (($form{username}) && ($form{password}))
{
### Session Details ###
CGI::Session->name(“APP_SID”);
## Create new session
my $session = new CGI::Session(undef, undef, {Directory=>$session_dir});
## Set cookies
my $cookie = $page->cookie(-name=>$session->name(),-value=>$session->id(),-expires=>’+2h’,-path=>’/’);
## Store data in session variable and save it
$session->param(‘login_user’,$form{username}); # OR
##$session->param(-name=>’login_user’,-value=>$form{username});
$session->save_param($page, [“login_user”]);
## Session and Cookie expiration time is SAME.
$session->expire(“+2h”);
#### Session Details end ####
## if login successful redirect to main.pl else login page
if (($form{username} eq $admin_user) and ($form{password} eq $admin_password))
{ print $page->redirect(-location => ‘main.pl’,-cookie=>$cookie);}
else { print $page->redirect(-location => ‘../arun.html’); }
############################
} else { print $page->redirect(-location => ‘../arun.html’); }
}
[root@arun ~]#
Step 3] Create Login Page –
[root@arun ~]# cat /var/application/www/arun.html
<html>
<title>Arun Login Page</title>
<!– Form start –>
<table align=’center’ border=’1′>
<form method=”POST” action=”cgi-bin/auth_me.pl”>
<tr>
<td><label>Login</label></td>
<td><input name=”username” type=”text”></td>
</tr>
<tr>
<td><label>Password</label></td>
<td><input name=”password” type=”password”><br/></td>
</tr>
<tr>
<td><input value=”Submit” type=”submit”></td>
</tr>
</form>
</table>
</html>
[root@arun ~]#
Step 4] Create main page where Session and Cookie authentication verified – main.pl
[root@arun ~]# cat /var/application/www/cgi-bin/main.pl
#!/usr/bin/perl
sub BEGIN
{
unshift (@INC, ‘/var/application/module/’);
}
use strict;
use warnings;
use CGI qw(:standard);
use CGI::Session;
use Auth;
### Header
my $page = CGI->new();
## check authentication
my $login_name=Auth::User($page);
###
print $page->start_html( -title=>’Arun Main Page’);
print “<h3>This is Main Page</h3></br>”;
print “<br>Login Name – $login_name”;
#end
[root@arun ~]#
Step 5] Please access login page and try http://your_ipaddr/arun.html
Thank you,
Arun Bagul