func Login(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) {
// log.Println("route: login")
var id uint64
if _, ok := sess.Values["id"]; ok {
id = sess.Values["id"].(uint64)
}
if id == 0 {
if r.Method != "POST" {
body, tpl = loginForm(r)
} else {
id, err := authenticate(r)
if err != nil {
body, tpl = loginForm(r)
} else {
sess.Values["id"] = id
fs := sess.Flashes("redirect")
redirect = "/"
if len(fs) > 0 {
redirect = fs[0].(string)
}
}
}
} else {
redirect = "/"
}
return
}
func Reply(file string, w http.ResponseWriter, r *http.Request, session *sessions.Session) {
buf := bufio.NewWriter(w)
t, _ := template.ParseFiles(file)
t.Execute(buf, session)
session.Save(r, w)
buf.Flush()
}
// Save adds a single session to the response.
func (s *redisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
var err error
if session.ID == "" {
var i uint64
i, err = NoeqClient.GenOne()
if err != nil {
return err
}
session.ID = strconv.FormatUint(i, 10)
}
if err = s.save(session); err != nil {
return err
}
var encoded string
encoded, err = securecookie.EncodeMulti(session.Name(), &session.ID, s.Codecs...)
if err != nil {
return err
}
options := s.Options
if session.Options != nil {
options = session.Options
}
cookie := &http.Cookie{
Name: session.Name(),
Value: encoded,
Path: options.Path,
Domain: options.Domain,
MaxAge: options.MaxAge,
Secure: options.Secure,
HttpOnly: options.HttpOnly,
}
http.SetCookie(w, cookie)
context.DefaultContext.Clear(r)
return nil
}
func (s *MongoStore) load(session *sessions.Session) error {
mg := &MgSessionTbl{SessionID: []byte(session.ID)}
err := s.DBCollection.Find(bson.M{"sessionid": []byte(session.ID)}).One(mg)
if err == nil {
err = securecookie.DecodeMulti(session.Name(),
string(mg.Encoded), &session.Values, s.Codecs...)
}
return err
}
func Logout(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) {
// log.Println("route: logout")
sess.Values["id"] = uint64(0)
redirect = "/"
fs := sess.Flashes("last")
if len(fs) != 0 {
redirect = fs[0].(string)
}
return
}
func (s *MongoStore) save(session *sessions.Session) error {
encoded, err := securecookie.EncodeMulti(session.Name(),
session.Values,
s.Codecs...)
if err != nil {
return err
}
mg := &MgSessionTbl{
Encoded: encoded,
SessionID: []byte(session.ID),
Age: bson.Now(),
}
_, err = s.DBCollection.Upsert(bson.M{"sessionid": session.ID}, mg)
return err
}
// Save adds a single session to the response.
func (s *DatastoreStore) Save(r *http.Request, w http.ResponseWriter,
session *sessions.Session) error {
if session.ID == "" {
session.ID = string(securecookie.GenerateRandomKey(32))
}
if err := s.save(r, session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded,
session.Options))
return nil
}
func killSession(r *http.Request, w http.ResponseWriter, s *sessions.Session) error {
d := make(chan bool)
kills <- &sessionAction{"session:" + s.ID, 0, nil, d}
f := <-d
if !f {
return cantKill
}
var opts = *sessionStore.Options
opts.MaxAge = -1
s.Options = &opts
// values
for k, _ := range s.Values {
delete(s.Values, k)
}
s.Save(r, w)
return nil
}
// load reads a file and decodes its content into session.Values.
func (s *redisStore) load(session *sessions.Session) error {
if session.Name() == "remember" {
return nil
}
key := "session:" + session.ID
se, rerr := RedisClient.Get(key)
if rerr != nil {
return rerr
}
ss := se.String()
if ss == "" {
return nil
}
err := securecookie.DecodeMulti(session.Name(), ss, &session.Values, s.Codecs...)
if err != nil {
return err
}
return nil
}
// save writes encoded session.Values to a file.
func (s *redisStore) save(session *sessions.Session) error {
if session.Name() == "remember" {
return nil
}
if len(session.Values) == 0 {
// Don't need to write anything.
return nil
}
encoded, err := securecookie.EncodeMulti(session.Name(), &session.Values, s.Codecs...)
if err != nil {
return err
}
d := make(chan bool)
saves <- &sessionAction{"session:" + session.ID, int64(sessionExpire), encoded, d}
f := <-d
if !f {
return cantSave
}
return nil
}
// New returns a session for the given name without adding it to the registry.
//
// See CookieStore.New().
func (s *redisStore) New(r *http.Request, name string) (*sessions.Session, error) {
var c *http.Cookie
var err error
c, err = r.Cookie(name)
if err != nil && err != http.ErrNoCookie {
return nil, err
}
var session *sessions.Session
session = sessions.NewSession(s, name)
session.IsNew = true
if c != nil {
securecookie.DecodeMulti(name, c.Value, &session.ID, s.Codecs...)
s.load(session)
if len(session.Values) > 0 {
session.IsNew = false
}
}
return session, nil
}
func testSessionFlashes(t *testing.T, store sessions.Store) {
defer context.Close()
var req *http.Request
var rsp *ResponseRecorder
var hdr http.Header
var err error
var ok bool
var cookies []string
var session *sessions.Session
var flashes []interface{}
// Round 1 ----------------------------------------------------------------
req = getRequest()
rsp = NewRecorder()
// Get a session.
if session, err = store.Get(req, "session-key"); err != nil {
t.Fatalf("Error getting session: %v", err)
}
// Get a flash.
flashes = session.Flashes()
if len(flashes) != 0 {
t.Errorf("Expected empty flashes; Got %v", flashes)
}
// Add some flashes.
session.AddFlash("foo")
session.AddFlash("bar")
// Custom key.
session.AddFlash("baz", "custom_key")
// Save.
if err = sessions.Save(req, rsp); err != nil {
t.Fatalf("Error saving session: %v", err)
}
hdr = rsp.Header()
cookies, ok = hdr["Set-Cookie"]
if !ok || len(cookies) != 1 {
t.Fatalf("No cookies. Header:", hdr)
}
// Round 2 ----------------------------------------------------------------
req = getRequest()
req.Header.Add("Cookie", cookies[0])
rsp = NewRecorder()
// Get a session.
if session, err = store.Get(req, "session-key"); err != nil {
t.Fatalf("Error getting session: %v", err)
}
// Check all saved values.
flashes = session.Flashes()
if len(flashes) != 2 {
t.Fatalf("Expected flashes; Got %v", flashes)
}
if flashes[0] != "foo" || flashes[1] != "bar" {
t.Errorf("Expected foo,bar; Got %v", flashes)
}
flashes = session.Flashes()
if len(flashes) != 0 {
t.Errorf("Expected dumped flashes; Got %v", flashes)
}
// Custom key.
flashes = session.Flashes("custom_key")
if len(flashes) != 1 {
t.Errorf("Expected flashes; Got %v", flashes)
} else if flashes[0] != "baz" {
t.Errorf("Expected baz; Got %v", flashes)
}
flashes = session.Flashes("custom_key")
if len(flashes) != 0 {
t.Errorf("Expected dumped flashes; Got %v", flashes)
}
}