3 no if $] >= 5.017011, warnings
=> 'experimental::smartmatch';
6 use Plack
::App
::Gruntmaster
;
9 use Digest
::SHA qw
/sha256/;
11 use Tie
::Hash
::Expire
;
# Timing and access-log settings, declared together in constant's hash form.
use constant {
    # 300; presumably seconds, matching the expiry used for the %auth
    # credential cache -- confirm.
    AUTH_TIMEOUT => 5 * 60,

    # Format string handed to the AccessLog middleware. The first field is
    # copied from the X-Forwarded-For request header, which any client can set
    # unless a trusted reverse proxy overwrites it; %h (the peer address) is
    # the value to rely on when the two disagree.
    ACCESSLOG_FORMAT =>
        '%{X-Forwarded-For}i|%h %u "%r" %>s %b "%{Referer}i" "%{User-agent}i"',
};
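# Value of the Content-Security-Policy response header.
#
# Everything is denied by default; scripts, styles, images and XHR are limited
# to this origin (plus Google Analytics for scripts), and framing is limited to
# free.timeanddate.com.
#
# In CSP only keywords ('self', 'none', ...), nonces and hashes are written in
# single quotes; host sources are written bare. The earlier value quoted the
# frame-src host, which is not a valid source expression: browsers discard it,
# leaving frame-src with no usable source, so the intended frame was blocked.
use constant CONTENT_SECURITY_POLICY =>
    q{default-src 'none'; script-src 'self' www.google-analytics.com; style-src 'self'; img-src 'self'; connect-src 'self'; frame-src free.timeanddate.com};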
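# Database handle shared by the authentication callback and by the middleware
# that stores it in the request environment. The DSN names no host or
# database, so those settings come from outside this file (presumably the
# libpq environment -- confirm).
my $db = Gruntmaster::Data->connect('dbi:Pg:');

# Cache of credential digests that were recently accepted, so repeated
# requests skip the passphrase check. Entries expire after AUTH_TIMEOUT
# seconds; the constant replaces a literal 300 that duplicated it. Until an
# entry expires, a changed or revoked passphrase is still accepted from the
# cache, so keep this window short.
tie my %auth, 'Tie::Hash::Expire', { expire_seconds => AUTH_TIMEOUT };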
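# Credential check; apparently the body of the callback registered with
# Auth::Basic as \&authenticate (the enclosing sub lines are not part of this
# excerpt). Arguments: user name, passphrase, PSGI environment.
# Returns true when the credentials are accepted and an empty/false value
# otherwise.
my ($user, $pass, $env) = @_;

# Log the attempt without the passphrase: writing secrets to the log exposes
# them to anyone who can read it. Bytes outside printable ASCII in the
# client-supplied name are masked so it cannot inject extra log lines.
(my $shown_user = $user) =~ s/[^\x20-\x7E]/?/g;
say "Checking $shown_user";

# Cache key: digest of the user/passphrase pair, so the clear-text passphrase
# is not kept as a hash key.
my $key = sha256 "$user:$pass";

# NOTE(review): the user name is recorded before the credentials are verified;
# downstream code should rely on it only for requests this callback accepted.
$env->{'gruntmaster.user'} = $user;

# A live cache entry means this exact pair was accepted recently.
return 1 if exists $auth{$key};

# Look the account up once, then verify the passphrase against it.
my $account = $db->user($user);
return unless $account && $account->check_passphrase($pass);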
# Set DBIC_NULLABLE_KEY_NOWARN for this process (presumably silences a
# DBIx::Class warning -- confirm).
$ENV{'DBIC_NULLABLE_KEY_NOWARN'} = 1;

# Configure Log4perl from log.conf. The path is relative, so it is resolved
# against the directory the server is started from; keep that file writable
# only by the service owner, since it decides where log output goes.
Log::Log4perl->init('log.conf');

# Logger that receives the lines produced by the AccessLog middleware.
my $access_logger = Log::Log4perl->get_logger('access');
# Middleware stack, outermost first. The order is significant: everything
# listed before Auth::Basic (access logging, headers, /static/) runs for
# unauthenticated requests as well.

# Access log lines go to the Log4perl 'access' logger.
enable 'AccessLog',
    format => ACCESSLOG_FORMAT,
    logger => sub { $access_logger->info(@_) };
enable 'ContentLength';

# Send the Content-Security-Policy header with every response.
enable 'Header', set => [ 'Content-Security-Policy', CONTENT_SECURITY_POLICY ];

# Static assets: publicly cacheable for 604800 seconds (7 days) and served
# before authentication is considered, so nothing sensitive belongs there.
enable_if { $_[0]->{PATH_INFO} =~ m{^/static/} }
    'Header', set => [ 'Cache-Control', 'public, max-age=604800' ];
enable 'Static', path => qr{^/static/};
enable 'Log4perl', category => 'plack';

# NOTE(review): Basic authentication is applied only when the request carries
# a WWW-Authenticate header (PSGI key HTTP_WWW_AUTHENTICATE). Requests without
# it skip Auth::Basic entirely, so access control for protected routes has to
# be enforced by the application. Clients normally send credentials in the
# Authorization header (HTTP_AUTHORIZATION) -- confirm the trigger is intended.
enable_if { $_[0]->{HTTP_WWW_AUTHENTICATE} }
    'Auth::Basic',
    authenticator => \&authenticate,
    realm         => 'Gruntmaster 6000';

# /ok answers with an empty 200 response without reaching the application.
enable_if { $_[0]->{PATH_INFO} eq '/ok' } sub {
    sub { [ 200, [], [] ] }
};

# Hand the shared database handle to the application through the environment.
enable sub {
    my $app = $_[0];
    sub {
        my ($env) = @_;
        $env->{'gruntmaster.dbic'} = $db;
        $app->($env);
    }
};

# The application itself; left as the final expression of the stack.
Plack::App::Gruntmaster->run_if_script