Beispiel #1
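// UserLogin checks the posted credentials and, on success, opens a new
// session for the user and writes the login answer as JSON.
//
// Both failure paths (unknown username, wrong password) answer with the same
// 401 message, so the response body does not reveal which usernames exist.
func UserLogin(w http.ResponseWriter, r *http.Request, proute routes.Proute) {

	// NOTE(review): this delays every attempt by one second but does not bound
	// the number of attempts per account or per client, and parallel requests
	// are not slowed down. A per-account / per-client attempt counter with
	// backoff or lockout would be the actual brute-force control.
	time.Sleep(1 * time.Second) // limit rate

	// Checked assertion: an unexpected payload type must not panic the handler.
	l, isLogin := proute.Json.(*Userlogin)
	if !isLogin || l == nil {
		log.Println("Login failed : unexpected request payload")
		ArkeoError(w, 400, "Bad request")
		return
	}

	tx, err := db.DB.Beginx()
	if err != nil {
		// Answer with an error instead of panicking inside the handler.
		log.Println("Can't start transaction for user login : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}

	user := model.User{
		Username: l.Username,
	}

	err = user.Get(tx)
	if err != nil {
		// The username comes straight from the request: %q escapes control
		// characters so it cannot forge or split log lines.
		// NOTE(review): this path returns without running the password check,
		// so its response time may differ from the mismatch path below;
		// confirm that this does not let a client tell valid usernames apart.
		log.Printf("Login failed for user %q (can't find this username)", l.Username)
		tx.Rollback() // best effort, the request is already being rejected
		ArkeoError(w, 401, "Bad Username/Password")
		return
	}

	// test login
	ok := user.Login(l.Password)
	if !ok {
		log.Printf("Login failed for user %q (password mismatch)", l.Username)
		tx.Rollback() // best effort, the request is already being rejected
		ArkeoError(w, 401, "Bad Username/Password")
		return
	}

	// Erase the password field immediately, before the struct is stored in
	// the session or handed to loginAnswer.
	user.Password = ""

	log.Println("Login ", user.Username, " => ", ok)

	// A fresh session is created for every successful login; the token of
	// the request that carried the credentials is not reused.
	token, s := session.NewSession()
	s.Values["user_id"] = user.Id
	s.Values["user"] = user

	a, err := loginAnswer(w, tx, user, token)
	if err != nil {
		// No response is written here; presumably loginAnswer already
		// reported the error on w (verify against its implementation).
		// NOTE(review): the session created above stays registered on this
		// path and on the commit-failure path below; consider destroying it.
		log.Println("Login answer build failed : ", err)
		tx.Rollback()
		return
	}

	err = tx.Commit()
	if err != nil {
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(a)
	if err != nil {
		// Previously ignored: an empty body was sent with a 200 status.
		log.Println("Login answer encoding failed : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}
	if _, err := w.Write(j); err != nil {
		log.Println("Login answer write failed : ", err)
	}
}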
Beispiel #2
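// UserLogout destroys the caller's session and answers with a fresh session
// bound to the anonymous user (Id 0), in the same format as a login answer.
func UserLogout(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	time.Sleep(1 * time.Second) // limit rate

	if u, found := proute.Session.Get("user"); found {
		// ok is false when the session value is not a model.User; the zero
		// value is logged in that case.
		user, ok := u.(model.User)
		log.Println("Logout ", user.Username, " => ", ok)
	}

	// Revoke the presented token first, so the old session is gone even if
	// a later step of this handler fails.
	// NOTE(review): the raw Authorization header value is used as the session
	// key; verify that it carries the bare token without a scheme prefix.
	token := r.Header.Get("Authorization")
	session.DestroySession(token)

	tx, err := db.DB.Beginx()
	if err != nil {
		// Answer with an error instead of panicking inside the handler.
		log.Println("Can't start transaction for user logout : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}

	// Id 0 is loaded as the anonymous user (see the failure message below).
	user := model.User{
		Id: 0,
	}

	err = user.Get(tx)
	user.Password = "" // erase the password field immediately

	if err != nil {
		// NOTE(review): this is a server-side failure but is reported to the
		// client as 401; status and message are kept as they were.
		log.Println("Failed to load anonymous user ")
		tx.Rollback() // best effort, the request is already failing
		ArkeoError(w, 401, "Bad thing appned")
		return
	}

	log.Println("Logout ", user.Username)

	// Replace the destroyed session with a new anonymous one.
	token, s := session.NewSession()
	s.Values["user_id"] = user.Id
	s.Values["user"] = user

	a, err := loginAnswer(w, tx, user, token)
	if err != nil {
		// No response is written here; presumably loginAnswer already
		// reported the error on w (verify against its implementation).
		log.Println("Login answer build failed : ", err)
		tx.Rollback()
		return
	}

	err = tx.Commit()
	if err != nil {
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(a)
	if err != nil {
		// Previously ignored: an empty body was sent with a 200 status.
		log.Println("Logout answer encoding failed : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}
	if _, err := w.Write(j); err != nil {
		log.Println("Logout answer write failed : ", err)
	}
}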