Beispiel #1
0
// ReadCookie fetches a cookie from the cookie store
func (store *FileCookieStore) ReadCookie(key string) (*Session, error) {
	fileName := fileLocation(store.location, key)
	encryptedData, err := ioutil.ReadFile(fileName)
	if err != nil {
		return nil, err
	}

	jsonData, err := security.Decrypt(encryptedData)
	if err != nil {
		return nil, err
	}

	var session *Session
	err = util.DeserializeJSON(jsonData, session)

	return session, err
}
Beispiel #2
0
// Authorize tries to authorize an existing gostToken
func Authorize(httpHeader http.Header) (*identity.Identity, error) {
	ghostToken, err := extractGhostToken(httpHeader)
	if err != nil {
		if err == errAnonymousUser {
			return identity.NewAnonymous(), nil
		}

		return nil, err
	}

	encryptedToken, err := util.Decode([]byte(ghostToken))
	if err != nil {
		return nil, err
	}

	jsonToken, err := security.Decrypt(encryptedToken)
	if err != nil {
		return nil, err
	}

	cookie := new(cookies.Session)
	err = util.DeserializeJSON(jsonToken, cookie)
	if err != nil {
		return nil, err
	}

	dbCookie, err := cookies.GetSession(cookie.Token)
	if err != nil || dbCookie == nil {
		return nil, ErrDeactivatedUser
	}

	if !identity.IsUserActivated(dbCookie.UserID) {
		return nil, ErrDeactivatedUser
	}

	go dbCookie.ResetToken()

	return identity.New(dbCookie), nil
}