-- Deploy camper:check_cookie to pg
-- requires: roles
-- requires: schema_public
-- requires: schema_auth
-- requires: user
-- requires: company_host
-- requires: company_user

-- Open the transaction that wraps this deploy script.
begin;

-- Unqualified names in the statements below resolve against public first,
-- then auth; this is the script's own path, separate from the search_path
-- pinned on the function itself.
set search_path to public, auth;

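-- check_cookie(input_cookie, host) -> name
--
-- Resolves a session cookie of the form '<token>/<email>' for the site served
-- at host and returns the role the request should run as.
--
--   input_cookie  raw cookie value; field 1 (before the first '/') is the
--                 session token, field 2 is the user's email.
--   host          host name the request arrived on; it must belong to a
--                 company the user is a member of.
--
-- Returns the matching user's role, or 'guest' when nothing matches.
--
-- Side effects: always overwrites request.user.email, request.user.cookie and
-- request.company.id with set_config(..., false), i.e. at session scope, so
-- the values outlive the current transaction.
-- NOTE(review): on pooled or reused connections the caller has to invoke this
-- on every request; otherwise the identity set by an earlier request stays in
-- place. Confirm against the application code.
create or replace function check_cookie(input_cookie text, host text) returns name as
$$
declare
    cid text;
    user_email text;
    user_role name;
    user_cookie text;
begin
    select company_id::text, email::text, role, cookie
    into cid, user_email, user_role, user_cookie
    from "user"
    join company_user using (user_id)
    join public.company_host using (company_id)
    where email = split_part(input_cookie, '/', 2)
    and cookie_expires_at > current_timestamp
    -- Accounts without a password cannot hold a session.
    and length(password) > 0
    -- Defence in depth, mirroring the password check: an empty stored token
    -- must never authenticate. Whether such a row can exist with a future
    -- cookie_expires_at is not visible from this file.
    and length(cookie) > 0
    and cookie = split_part(input_cookie, '/', 1)
    -- Qualified with the function name because the host parameter would
    -- otherwise be ambiguous with the company_host.host column.
    and company_host.host = check_cookie.host
    ;

    -- No valid, unexpired session for this host: fall back to guest and still
    -- overwrite all three settings below, so nothing left in the session by an
    -- earlier call is carried over.
    if user_role is null then
        cid := '0';
        user_email := '';
        user_cookie := '';
        user_role := 'guest'::name;
    end if;

    perform set_config('request.user.email', user_email, false);
    perform set_config('request.user.cookie', user_cookie, false);
    perform set_config('request.company.id', cid, false);

    return user_role;
end;
$$
language plpgsql
-- Runs with the owner's privileges so the caller needs no direct access to
-- the tables read above.
security definer
-- Was "stable". The function changes session settings through set_config(),
-- and PostgreSQL requires functions with side effects to be volatile so that
-- calls are never optimised away. Any verify or test script that asserts the
-- volatility needs the matching change.
volatile
-- Pinned path with pg_temp last, so objects in a caller's temporary schema
-- cannot shadow the names this security definer function resolves.
set search_path = auth, camper, pg_temp;
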
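-- Catalog description; it names the settings the function body actually
-- writes (request.user.email, request.user.cookie, request.company.id).
comment on function check_cookie(text, text) is
'Checks whether a given cookie is for a valid user on the given host, returning their role (guest when it is not), and setting request.user.email, request.user.cookie and request.company.id';
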
-- PostgreSQL grants EXECUTE on new functions to PUBLIC by default. Take that
-- away and allow only the authenticator role to call this security definer
-- function. Both statements sit in the same transaction as the create, so the
-- function is never visible with the default grant.
revoke execute on function check_cookie(text, text) from public;
grant execute on function check_cookie(text, text) to authenticator;

commit;