Session.lua: Difference between revisions

From Alpine Linux
No edit summary
Line 3: Line 3:


'''INPUT:'''<BR>
'''INPUT:'''<BR>
hash size, in bits
* size
** Hash size, in bits
'''OUTPUT:'''<BR>
'''OUTPUT:'''<BR>
A base64 encoded hash of at least ''bits'' length.
* A base64 encoded hash of at least ''size'' length
* HASH
** Comes from reading /dev/urandom
** Comes from reading /dev/urandom
'''CODING EXAMPLE:'''
'''CODING EXAMPLE:'''
Line 12: Line 12:
  bobo = require "session"
  bobo = require "session"
  print(bobo.random_hash(100))
  print(bobo.random_hash(100))
will output a hash from /dev/urandom that is 17 char long
Will output a hash from /dev/urandom that is 17 char long


=== hash_ip_addr ===
=== hash_ip_addr ===
Takes an ip address string and returns a HEX encoded version.
'''INPUT:'''<BR>
'''INPUT:'''<BR>
This library required the following inputs/parameters.
* String containing an ip address
* ip address
'''OUTPUT:'''<BR>
'''OUTPUT:'''<BR>
This library deliverers the following output/parameters.
* HEX encoded ip address
* HEX incoded ip address
'''CODING EXAMPLE:'''
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
  -- Set variable/Call for this library
Line 29: Line 29:


=== ip_addr_from_hash ===
=== ip_addr_from_hash ===
Takes a HEX encoded ip address and returns an ip address string.
'''INPUT:'''<BR>
'''INPUT:'''<BR>
This library required the following inputs/parameters.
* HEX encoded ip address
* HEX encoded ip address
'''OUTPUT:'''<BR>
'''OUTPUT:'''<BR>
This library deliverers the following output/parameters.
* String containing an ip address
* ip address
'''CODING EXAMPLE:'''
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
  -- Set variable/Call for this library
Line 43: Line 43:


=== serialize ===
=== serialize ===
Takes an input variable and name and returns a string containing LUA code to generate the variable.
'''INPUT:'''<BR>
'''INPUT:'''<BR>
This library required the following inputs/parameters.
* name
* name
** Name of the variable / table to serialize
** Name of the variable / table to serialize
* value
* value
** Value of the variable / table to serialize.
** Value of the variable / table to serialize
* saved
* saved
** Used internally by recursive function to keep track of progress.
** Used internally by recursive function to keep track of progress.
'''OUTPUT:'''<BR>
'''OUTPUT:'''<BR>
This library deliverers the following output/parameters.
* String with the table serialized
* string with the table serialized
'''CODING EXAMPLE:'''
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
  -- Set variable/Call for this library
Line 60: Line 60:
  stuff = bobo.serialize("t",t)
  stuff = bobo.serialize("t",t)
  print(stuff)
  print(stuff)
Output:
  t = {}
  t = {}
  t[1] = "one"
  t[1] = "one"
Line 72: Line 73:


=== save_session ===
=== save_session ===
Saves a serialized user session to a file.
'''INPUT:'''<BR>
'''INPUT:'''<BR>
This library required the following inputs/parameters.
* sessionpath
* sessionpath,session,sessiontable
** Path where session file is to be saved
* sessiontable
** User session
'''OUTPUT:'''<BR>
'''OUTPUT:'''<BR>
This library deliverers the following output/parameters.
* true if success, false if error
* true is success, false if error
'''CODING EXAMPLE:'''
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
  -- Set variable/Call for this library
  bobo = require "session"
  bobo = require "session"
  print(bobo.save_session("tmp", session, sessiontable)
  print(bobo.save_session("tmp", session, sessiontable)
  -- will print true is success
Will print true if success or false if failed
  -- false if failed
 
=== load_session ===
Loads a serialized user session from a file.
 
'''INPUT:'''<BR>
* sessionpath
** Path where session file is saved
* session
** Session id
'''OUTPUT:'''<BR>
* ts
** Timestamp when the session was saved
* sessiontable
** User session
'''CODING EXAMPLE:'''
-- Set variable/Call for this library
bobo = require "session"
ts, sess = bobo.load_session("tmp", "OPRfhPH3rq2p8tpG978oiql8vy58tr9q3ghiUIH")
Will load the session into ''sess'' if available.
 
=== unlink_session ===
Deletes a saved session file.
 
'''INPUT:'''<BR>
* sessionpath
** Path where session file is saved
* session
** Session id
'''OUTPUT:'''<BR>
* ''nil'' if failed
'''CODING EXAMPLE:'''
-- Set variable/Call for this library
bobo = require "session"
result = bobo.unlink_session("tmp", "OPRfhPH3rq2p8tpG978oiql8vy58tr9q3ghiUIH")
Will delete the session if it exists.
 
=== record_event ===
Record an invalid login attempt by creating a zero-length file.
 
'''INPUT:'''<BR>
* sessionpath
** Path where event file is to be saved
* id_u
** First id string, typically username
* id_ip
** Second id string, typically hashed ip address
'''OUTPUT:'''<BR>
* none
'''CODING EXAMPLE:'''
-- Set variable/Call for this library
bobo = require "session"
result = bobo.record_event("tmp", username, hash_ip_addr(ipaddr))
Will create an event file for this user and ip address.
 
=== count_events ===
Count how many invalid user attempts have occured for this id in the last 30 minutes.
 
'''INPUT:'''<BR>
* sessionpath
** Path where event files are saved
* id_u
** First id string, typically username
* id_ip
** Second id string, typically hashed ip address
'''OUTPUT:'''<BR>
* blockaccess
** True if more than 10 events.
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
bobo = require "session"
print(bobo.count_events("tmp", username, hash_ip_addr(ipaddr)))
Output true if more than 10 lockevents.
 
=== expired_events ===
Clear the invalid user attempts and saved user sessions that are older than 30 minutes.
 
'''INPUT:'''<BR>
* sessionpath
** Path where event files are saved
'''CODING EXAMPLE:'''
  -- Set variable/Call for this library
bobo = require "session"
bobo.expired_events("tmp")
Deletes the events and sessions more that 30 minutes old.

Revision as of 18:15, 8 July 2008

random_hash

Returns a base64 encoded hash, using _- as the extra characters, as these are safe for using in a URL.

INPUT:

  • size
    • Hash size, in bits

OUTPUT:

  • A base64 encoded hash of at least size length
    • Comes from reading /dev/urandom

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
print(bobo.random_hash(100))

Will output a hash from /dev/urandom that is 17 char long

hash_ip_addr

Takes an ip address string and returns a HEX encoded version.

INPUT:

  • String containing an ip address

OUTPUT:

  • HEX encoded ip address

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
print(bobo.hash_ip_addr("192.168.10.1))

Output could be:

c0a80a01

ip_addr_from_hash

Takes a HEX encoded ip address and returns an ip address string.

INPUT:

  • HEX encoded ip address

OUTPUT:

  • String containing an ip address

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
print(bobo.ip_addr_from_hash("c0a80a01")

Output could be:

192.168.10.1

serialize

Takes an input variable and name and returns a string containing LUA code to generate the variable.

INPUT:

  • name
    • Name of the variable / table to serialize
  • value
    • Value of the variable / table to serialize
  • saved
    • Used internally by recursive function to keep track of progress.

OUTPUT:

  • String with the table serialized

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
t = {foo={1,2,3,4}, "one", "two", "bar", "baz"}
stuff = bobo.serialize("t",t)
print(stuff)

Output:

t = {}
t[1] = "one"
t[2] = "two"
t[3] = "bar"
t[4] = "baz"
t["foo"] = {}
t["foo"][1] = 1
t["foo"][2] = 2
t["foo"][3] = 3
t["foo"][4] = 4

save_session

Saves a serialized user session to a file.

INPUT:

  • sessionpath
    • Path where session file is to be saved
  • sessiontable
    • User session

OUTPUT:

  • true if success, false if error

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
print(bobo.save_session("tmp", session, sessiontable)

Will print true if success or false if failed

load_session

Loads a serialized user session from a file.

INPUT:

  • sessionpath
    • Path where session file is saved
  • session
    • Session id

OUTPUT:

  • ts
    • Timestamp when the session was saved
  • sessiontable
    • User session

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
ts, sess = bobo.load_session("tmp", "OPRfhPH3rq2p8tpG978oiql8vy58tr9q3ghiUIH")

Will load the session into sess if available.

unlink_session

Deletes a saved session file.

INPUT:

  • sessionpath
    • Path where session file is saved
  • session
    • Session id

OUTPUT:

  • nil if failed

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
result = bobo.unlink_session("tmp", "OPRfhPH3rq2p8tpG978oiql8vy58tr9q3ghiUIH")

Will delete the session if it exists.

record_event

Record an invalid login attempt by creating a zero-length file.

INPUT:

  • sessionpath
    • Path where event file is to be saved
  • id_u
    • First id string, typically username
  • id_ip
    • Second id string, typically hashed ip address

OUTPUT:

  • none

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
result = bobo.record_event("tmp", username, hash_ip_addr(ipaddr))

Will create an event file for this user and ip address.

count_events

Count how many invalid user attempts have occured for this id in the last 30 minutes.

INPUT:

  • sessionpath
    • Path where event files are saved
  • id_u
    • First id string, typically username
  • id_ip
    • Second id string, typically hashed ip address

OUTPUT:

  • blockaccess
    • True if more than 10 events.

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
print(bobo.count_events("tmp", username, hash_ip_addr(ipaddr)))

Output true if more than 10 lockevents.

expired_events

Clear the invalid user attempts and saved user sessions that are older than 30 minutes.

INPUT:

  • sessionpath
    • Path where event files are saved

CODING EXAMPLE:

-- Set variable/Call for this library
bobo = require "session"
bobo.expired_events("tmp")

Deletes the events and sessions more that 30 minutes old.