Beispiel #1
// sessionStore returns the oauthmw Store kept in the session under
// l.provider.SessionKey. When the session has no entry, or the entry is not a
// Store value, an empty Store is created, saved to the session and returned.
//
// The result points at a local copy of the Store value; the Token pointer and
// the States map inside it are the same ones held by the session value.
// NOTE(review): whether changes to the copy's plain fields (e.g. Provider)
// reach the session depends on callers saving the store again -- confirm at
// the call sites.
func (l login) sessionStore(ctxt context.Context) *Store {
	if raw, found := sessionmw.Get(ctxt, l.provider.SessionKey); found {
		if existing, isStore := raw.(Store); isStore {
			return &existing
		}

		// An entry exists under our key but has an unexpected type. This is
		// not expected to happen; log it and fall through to replace the
		// entry with an empty store.
		log.Println("CORRUPTED/MALFORMED SESSION STORAGE. OVERWRITING")
	}

	// No usable entry: start with no provider, an empty token and no
	// pending states, and persist that before handing it out.
	fresh := Store{
		Provider: "",
		Token:    &oauth2.Token{},
		States:   make(map[string]StoreState),
	}
	sessionmw.Set(ctxt, l.provider.SessionKey, fresh)

	return &fresh
}
Beispiel #2
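// UserLoginHandler starts or completes a CAS login.
//
// For an unauthenticated request it records the request's Referer in the
// session under CASReferrer, disables rendering and redirects to the CAS
// login. For an authenticated request it removes the recorded referrer from
// the session, disables rendering and redirects the client back.
//
// The Referer header is supplied by the client, so the stored value is
// treated as untrusted: the redirect goes back to it only when it is an
// absolute http(s) URL, without userinfo, whose host equals r.Host. Anything
// else (missing, empty, non-string, unparsable or off-site) falls back to
// render.ConvertURL("/"). This keeps the login flow from being usable as an
// open redirect and removes the panic the unchecked string assertion could
// cause on a malformed session value.
func UserLoginHandler(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
	if !cas.IsAuthenticated(r) {
		// Remember where the visitor came from; it is validated when it is
		// read back after login, not here.
		sessionmw.Set(ctx, CASReferrer, r.Referer())

		// shut off rendering
		dataRenderer := data.FromContext(ctx)
		dataRenderer.Type = data.DataNoRender

		// and redirect
		cas.RedirectToLogin(rw, r)
		return
	}

	// The referrer is single-use: read it and drop it from the session.
	referrer, has := sessionmw.Get(ctx, CASReferrer)
	sessionmw.Delete(ctx, CASReferrer)

	// shut off rendering
	dataRenderer := data.FromContext(ctx)
	dataRenderer.Type = data.DataNoRender

	target := ""
	if raw, isString := referrer.(string); has && isString && raw != "" && r.URL != nil {
		// r.URL.Parse resolves raw against the request URL; an absolute
		// referrer keeps its own scheme and host, which are checked below.
		// NOTE(review): behind a proxy that rewrites Host, r.Host may not
		// match the public host and this falls back to "/" -- confirm.
		if u, err := r.URL.Parse(raw); err == nil &&
			(u.Scheme == "http" || u.Scheme == "https") &&
			u.User == nil && u.Host != "" && u.Host == r.Host {
			// Redirect to the re-serialized URL rather than the raw header
			// text, so only what the parser understood is sent back.
			target = u.String()
		}
	}
	if target == "" {
		target = render.ConvertURL("/")
	}

	http.Redirect(rw, r, target, http.StatusTemporaryRedirect)
}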
Beispiel #3
// RenderAfterware writes the response described by the value FromContext
// returns for ctx, using the renderer from render.FromContext.
//
// It always sets the X-CSRF-Token response header first, then dispatches on
// the value's Type. For DataHTML with a map[string]interface{} payload it
// adds the shared template variables (copyright year, CSRF token and field,
// environment, default Nav, authenticated user, one-shot flash messages)
// before rendering. An unknown Type panics.
//
// NOTE(review): the header is set for every response type, including JSON
// and JSONP -- confirm no CORS policy exposes X-CSRF-Token to other origins.
func RenderAfterware(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
	payload := FromContext(ctx)
	out := render.FromContext(ctx)

	// Set the CSRF token
	rw.Header().Set("X-CSRF-Token", csrf.Token(ctx, r))

	switch payload.Type {
	case DataNoRender:
		// The handler already wrote (or redirected); nothing to render.
	case DataHTML:
		// Without a template name there is nothing to render.
		if payload.Template != "" {
			if vars, isMap := payload.Data.(map[string]interface{}); isMap {
				// Set the copyright on all pages
				vars["copyright"] = time.Now().Year()

				// CSRF token and the form-field helper for templates.
				vars["xsrf_token"] = csrf.Token(ctx, r)
				vars["xsrf_data"] = csrf.TemplateField(ctx, r)

				// Add environment declaration
				vars["environment"] = runMode

				// Give Nav a default only when the handler did not set it.
				if _, present := vars["Nav"]; !present {
					vars["Nav"] = -1
				}

				// Add authentication information
				vars["authenticated"] = cas.Username(r)

				// Flash messages are shown once: copy each into the
				// template data and remove it from the session.
				if msg, found := sessionmw.Get(ctx, FlashErr); found {
					vars["flash_err"] = msg
					sessionmw.Delete(ctx, FlashErr)
				}
				if msg, found := sessionmw.Get(ctx, FlashWarn); found {
					vars["flash_warn"] = msg
					sessionmw.Delete(ctx, FlashWarn)
				}
				if msg, found := sessionmw.Get(ctx, FlashInfo); found {
					vars["flash_info"] = msg
					sessionmw.Delete(ctx, FlashInfo)
				}
			}
			out.HTML(rw, payload.Status, payload.Template, payload.Data)
		}
	case DataJSON:
		out.JSON(rw, payload.Status, payload.Data)
	case DataBinary:
		// The unchecked assertion panics when Data is not a []byte.
		out.Data(rw, payload.Status, payload.Data.([]byte))
	case DataText:
		// The unchecked assertion panics when Data is not a string.
		out.Text(rw, payload.Status, payload.Data.(string))
	case DataJSONP:
		// NOTE(review): confirm Callback is restricted to a safe identifier
		// before it gets here; nothing in this function checks it.
		out.JSONP(rw, payload.Status, payload.Callback, payload.Data)
	case DataXML:
		out.XML(rw, payload.Status, payload.Data)
	default:
		panic("no such data type")
	}
}