X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=app.psgi;h=be72e9b18b9bd2fa4dd7ea7317d41d84a44e035c;hb=e892a76a1aed693d33fba7f0015f42824ecf4dbb;hp=85e8847a44e8b7420e8cefca46ec862075f06cfe;hpb=be1da3f93234c402d5679e6028ae8a2bb915185a;p=gruntmaster-page.git

diff --git a/app.psgi b/app.psgi
index 85e8847..be72e9b 100644
--- a/app.psgi
+++ b/app.psgi
@@ -5,14 +5,11 @@ no if $] >= 5.017011, warnings => 'experimental::smartmatch';
 use Gruntmaster::Data;
 use Plack::App::Gruntmaster;
 use Plack::Builder;
-use Plack::Request;
 use Plack::Util;
-use Digest::SHA qw/sha256/;
 use Log::Log4perl;
-use Tie::Hash::Expire;
 
 use constant AUTH_TIMEOUT => 5 * 60;
-use constant ACCESSLOG_FORMAT => 'combined';
+use constant ACCESSLOG_FORMAT => '%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"';
 
 sub CONTENT_SECURITY_POLICY () {
 	my $csp = <<CSP;
@@ -20,10 +17,10 @@ default-src 'none'
 connect-src 'self'
 form-action 'self'
 frame-ancestors 'none'
-img-src 'self'
+img-src 'self' https://static.mindcoding.ro https://www.google-analytics.com/collect
 referrer origin-when-cross-origin
-script-src 'self'
-style-src 'self'
+script-src https://static.mindcoding.ro/static/js.js https://www.google-analytics.com/analytics.js
+style-src https://static.mindcoding.ro/static/css/
 CSP
 	chomp $csp;
 	$csp =~ s/\n/; /gr;
@@ -31,17 +28,6 @@ CSP
 
 my $db;
 
-tie my %auth, 'Tie::Hash::Expire', {expire_seconds => AUTH_TIMEOUT};
-
-sub authenticate {
-	my ($user, $pass, $env) = @_;
-	my $key = sha256 "$user:$pass";
-	$env->{'gruntmaster.user'} = $user;
-	return 1 if exists $auth{$key};
-	return unless $db->user($user) && $db->user($user)->check_passphrase($pass);
-	$auth{key} = 1;
-}
-
 sub add_database {
 	my $app = $_[0];
 	sub {
@@ -76,6 +62,9 @@ builder {
 	enable 'Static', path => qr,^/static/,;
 	enable 'Log4perl', category => 'plack';
 	enable \&add_database;
-	enable_if { shift->{HTTP_AUTHORIZATION} } 'Auth::Basic', authenticator => \&authenticate, realm => 'Gruntmaster 6000';
+	enable '+Plack::App::Gruntmaster::Auth',
+	  dbi_connect => [$ENV{GRUNTMASTER_DSN} // 'dbi:Pg:', '', ''],
+	  realm       => 'Gruntmaster 6000',
+	  mail_from   => $ENV{GRUNTMASTER_RESET_FROM};
 	Plack::App::Gruntmaster->run_if_script
 }