Beispiel #1
0
func Login(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) {
	//	log.Println("route: login")
	var id uint64
	if _, ok := sess.Values["id"]; ok {
		id = sess.Values["id"].(uint64)
	}
	if id == 0 {
		if r.Method != "POST" {
			body, tpl = loginForm(r)
		} else {
			id, err := authenticate(r)
			if err != nil {
				body, tpl = loginForm(r)
			} else {
				sess.Values["id"] = id
				fs := sess.Flashes("redirect")
				redirect = "/"
				if len(fs) > 0 {
					redirect = fs[0].(string)
				}
			}
		}
	} else {
		redirect = "/"
	}
	return
}
Beispiel #2
0
func Reply(file string, w http.ResponseWriter, r *http.Request, session *sessions.Session) {
	buf := bufio.NewWriter(w)
	t, _ := template.ParseFiles(file)
	t.Execute(buf, session)
	session.Save(r, w)
	buf.Flush()
}
Beispiel #3
0
// Save adds a single session to the response.
func (s *redisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
	var err error
	if session.ID == "" {
		var i uint64
		i, err = NoeqClient.GenOne()
		if err != nil {
			return err
		}
		session.ID = strconv.FormatUint(i, 10)
	}
	if err = s.save(session); err != nil {
		return err
	}
	var encoded string
	encoded, err = securecookie.EncodeMulti(session.Name(), &session.ID, s.Codecs...)
	if err != nil {
		return err
	}
	options := s.Options
	if session.Options != nil {
		options = session.Options
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     options.Path,
		Domain:   options.Domain,
		MaxAge:   options.MaxAge,
		Secure:   options.Secure,
		HttpOnly: options.HttpOnly,
	}
	http.SetCookie(w, cookie)
	context.DefaultContext.Clear(r)
	return nil
}
Beispiel #4
0
func (s *MongoStore) load(session *sessions.Session) error {
	mg := &MgSessionTbl{SessionID: []byte(session.ID)}
	err := s.DBCollection.Find(bson.M{"sessionid": []byte(session.ID)}).One(mg)
	if err == nil {
		err = securecookie.DecodeMulti(session.Name(),
			string(mg.Encoded), &session.Values, s.Codecs...)
	}
	return err
}
Beispiel #5
0
func Logout(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) {
	//	log.Println("route: logout")
	sess.Values["id"] = uint64(0)
	redirect = "/"
	fs := sess.Flashes("last")
	if len(fs) != 0 {
		redirect = fs[0].(string)
	}
	return
}
Beispiel #6
0
func (s *MongoStore) save(session *sessions.Session) error {
	encoded, err := securecookie.EncodeMulti(session.Name(),
		session.Values,
		s.Codecs...)
	if err != nil {
		return err
	}
	mg := &MgSessionTbl{
		Encoded:   encoded,
		SessionID: []byte(session.ID),
		Age:       bson.Now(),
	}
	_, err = s.DBCollection.Upsert(bson.M{"sessionid": session.ID}, mg)
	return err
}
Beispiel #7
0
// Save adds a single session to the response.
func (s *DatastoreStore) Save(r *http.Request, w http.ResponseWriter,
	session *sessions.Session) error {
	if session.ID == "" {
		session.ID = string(securecookie.GenerateRandomKey(32))
	}
	if err := s.save(r, session); err != nil {
		return err
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
		s.Codecs...)
	if err != nil {
		return err
	}
	http.SetCookie(w, sessions.NewCookie(session.Name(), encoded,
		session.Options))
	return nil
}
Beispiel #8
0
func killSession(r *http.Request, w http.ResponseWriter, s *sessions.Session) error {
	d := make(chan bool)
	kills <- &sessionAction{"session:" + s.ID, 0, nil, d}
	f := <-d
	if !f {
		return cantKill
	}
	var opts = *sessionStore.Options
	opts.MaxAge = -1
	s.Options = &opts
	// values
	for k, _ := range s.Values {
		delete(s.Values, k)
	}
	s.Save(r, w)
	return nil
}
Beispiel #9
0
// load reads a file and decodes its content into session.Values.
func (s *redisStore) load(session *sessions.Session) error {
	if session.Name() == "remember" {
		return nil
	}
	key := "session:" + session.ID
	se, rerr := RedisClient.Get(key)
	if rerr != nil {
		return rerr
	}
	ss := se.String()
	if ss == "" {
		return nil
	}
	err := securecookie.DecodeMulti(session.Name(), ss, &session.Values, s.Codecs...)
	if err != nil {
		return err
	}
	return nil
}
Beispiel #10
0
// save writes encoded session.Values to a file.
func (s *redisStore) save(session *sessions.Session) error {
	if session.Name() == "remember" {
		return nil
	}
	if len(session.Values) == 0 {
		// Don't need to write anything.
		return nil
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), &session.Values, s.Codecs...)
	if err != nil {
		return err
	}
	d := make(chan bool)
	saves <- &sessionAction{"session:" + session.ID, int64(sessionExpire), encoded, d}
	f := <-d
	if !f {
		return cantSave
	}
	return nil
}
Beispiel #11
0
// New returns a session for the given name without adding it to the registry.
//
// See CookieStore.New().
func (s *redisStore) New(r *http.Request, name string) (*sessions.Session, error) {
	var c *http.Cookie
	var err error
	c, err = r.Cookie(name)
	if err != nil && err != http.ErrNoCookie {
		return nil, err
	}
	var session *sessions.Session
	session = sessions.NewSession(s, name)
	session.IsNew = true

	if c != nil {
		securecookie.DecodeMulti(name, c.Value, &session.ID, s.Codecs...)
		s.load(session)
		if len(session.Values) > 0 {
			session.IsNew = false
		}
	}
	return session, nil
}
Beispiel #12
0
func testSessionFlashes(t *testing.T, store sessions.Store) {
	defer context.Close()

	var req *http.Request
	var rsp *ResponseRecorder
	var hdr http.Header
	var err error
	var ok bool
	var cookies []string
	var session *sessions.Session
	var flashes []interface{}

	// Round 1 ----------------------------------------------------------------

	req = getRequest()
	rsp = NewRecorder()
	// Get a session.
	if session, err = store.Get(req, "session-key"); err != nil {
		t.Fatalf("Error getting session: %v", err)
	}
	// Get a flash.
	flashes = session.Flashes()
	if len(flashes) != 0 {
		t.Errorf("Expected empty flashes; Got %v", flashes)
	}
	// Add some flashes.
	session.AddFlash("foo")
	session.AddFlash("bar")
	// Custom key.
	session.AddFlash("baz", "custom_key")
	// Save.
	if err = sessions.Save(req, rsp); err != nil {
		t.Fatalf("Error saving session: %v", err)
	}
	hdr = rsp.Header()
	cookies, ok = hdr["Set-Cookie"]
	if !ok || len(cookies) != 1 {
		t.Fatalf("No cookies. Header:", hdr)
	}

	// Round 2 ----------------------------------------------------------------

	req = getRequest()
	req.Header.Add("Cookie", cookies[0])
	rsp = NewRecorder()
	// Get a session.
	if session, err = store.Get(req, "session-key"); err != nil {
		t.Fatalf("Error getting session: %v", err)
	}
	// Check all saved values.
	flashes = session.Flashes()
	if len(flashes) != 2 {
		t.Fatalf("Expected flashes; Got %v", flashes)
	}
	if flashes[0] != "foo" || flashes[1] != "bar" {
		t.Errorf("Expected foo,bar; Got %v", flashes)
	}
	flashes = session.Flashes()
	if len(flashes) != 0 {
		t.Errorf("Expected dumped flashes; Got %v", flashes)
	}
	// Custom key.
	flashes = session.Flashes("custom_key")
	if len(flashes) != 1 {
		t.Errorf("Expected flashes; Got %v", flashes)
	} else if flashes[0] != "baz" {
		t.Errorf("Expected baz; Got %v", flashes)
	}
	flashes = session.Flashes("custom_key")
	if len(flashes) != 0 {
		t.Errorf("Expected dumped flashes; Got %v", flashes)
	}
}