X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2FCurrentUser.pm;h=a1b57cbfbba34d5adf0d3865828ec2d6ff617fc8;hb=16062ec78d33d4d3b9c996eb057a331837fc65f8;hp=a2dfd714c586e94932ab1a42256624f0c635690a;hpb=22beb7aa1be0c71984c87fed7982299c315ce254;p=freeside.git

diff --git a/FS/FS/CurrentUser.pm b/FS/FS/CurrentUser.pm
index a2dfd714c..a1b57cbfb 100644
--- a/FS/FS/CurrentUser.pm
+++ b/FS/FS/CurrentUser.pm
@@ -22,7 +22,7 @@ sub load_user {
   my( $class, $user ) = @_; #, $pass
 
   if ( $upgrade_hack ) {
-    return new FS::CurrentUser::BootstrapUser;
+    return $CurrentUser = new FS::CurrentUser::BootstrapUser;
   }
 
   #return "" if $user =~ /^fs_(queue|selfservice)$/;
@@ -36,6 +36,7 @@ sub load_user {
   $CurrentUser = qsearchs('access_user', {
     'username' => $user,
     #'_password' =>
+    'disabled' => '',
   } );
 
   die "unknown user: $user" unless $CurrentUser; # or bad password
@@ -43,6 +44,62 @@ sub load_user {
   $CurrentUser;
 }
 
+=item new_session
+
+Creates a new session for the current user and returns the session key
+
+=cut
+
+use vars qw( @saltset );
+@saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '+' , '/' );
+
+sub new_session {
+  my( $class ) = @_;
+
+  #not the best thing in the world...
+  eval "use FS::access_user_session;";
+  die $@ if $@;
+
+  my $sessionkey = join('', map $saltset[int(rand(scalar @saltset))], 0..39);
+
+  my $access_user_session = new FS::access_user_session {
+    'sessionkey' => $sessionkey,
+    'usernum'    => $CurrentUser->usernum,
+    'start_date' => time,
+  };
+  my $error = $access_user_session->insert;
+  die $error if $error;
+
+  return $sessionkey;
+
+}
+
+=item load_user_session SESSION_KEY
+
+Sets the current user via the provided session key
+
+=cut
+
+sub load_user_session {
+  my( $class, $sessionkey ) = @_;
+
+  #not the best thing in the world...
+  eval "use FS::Record qw(qsearchs);";
+  die $@ if $@;
+  eval "use FS::access_user_session;";
+  die $@ if $@;
+
+  $CurrentSession = qsearchs('access_user_session', {
+    'sessionkey' => $sessionkey,
+    #XXX check for timed out but not-yet deleted sessions here
+  }) or return '';
+
+  $CurrentSession->touch_last_date;
+
+  $CurrentUser = $CurrentSession->access_user;
+
+}
+
 =head1 BUGS
 
 Creepy crawlies