ad_user_login { -forever f } db user_idWhat it does:
Logs the user in, forever (via the user_login cookie) if -forever is true.Defined in: /web/philip/packages/acs-core/security-procs.tcl
Source code:
arg_parser_for_ad_user_login $args
global ad_conn
set ad_conn(user_id) $user_id
set user_id_for_update [ad_decode $user_id 0 "null" $user_id]
sec_generate_session_id_cookie
ns_db dml $db "
update sec_sessions
set user_id = $user_id_for_update
where session_id = [ad_get_session_id]
"
util_memoize_flush "sec_get_session_info [ad_get_session_id]"
if { $user_id == 0 } {
# Hose the user's permanent-login token.
ad_set_cookie -max_age 0 ad_user_login ""
}
if { $forever == "t" && $user_id != 0 } {
if { [ad_secure_conn_p] } {
set secure "t"
} else {
set secure "f"
}
set login_token [sec_random_token]
# To avoid having more than one token inserted, do an INSERT WHERE
# and then select the token back.
ns_db dml $db "
insert into sec_login_tokens(user_id, password, login_token)
select user_id, password, '$login_token'
from users
where user_id = $user_id
and (select count(*) from sec_login_tokens where user_id = $user_id) = 0
"
set login_token [database_to_tcl_string $db "
select login_token
from users u, sec_login_tokens t
where u.user_id = $user_id
and t.user_id = $user_id
and u.password = t.password
"]
ad_set_cookie -expires never -secure $secure ad_user_login [ns_urlencode "$user_id,$login_token"]
}