Ejemplo n.º 1
0
func Remember(r *http.Request, w http.ResponseWriter, id uint64) error {
	if id == 0 {
		return nil
	}
	session, err := sessionStore.New(r, "remember")
	if err != nil {
		return err
	}
	se, rerr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if rerr != nil {
		return rerr
	}
	ph := passwordhash.NewSaltIter(se.String(), rememberKey, passwordhash.DefaultIterations)
	values := make([]interface{}, 2)
	values[0] = id
	values[1] = string(ph.Hash)
	encoded, err := securecookie.EncodeMulti(session.Name(), values, sessionStore.Codecs...)
	if err != nil {
		return err
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     rememberOpts.Path,
		Domain:   rememberOpts.Domain,
		MaxAge:   rememberOpts.MaxAge,
		Secure:   rememberOpts.Secure,
		HttpOnly: rememberOpts.HttpOnly,
	}
	http.SetCookie(w, cookie)
	context.DefaultContext.Clear(r)
	return nil
}
Ejemplo n.º 2
0
// Save adds a single session to the response.
func (s *redisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
	var err error
	if session.ID == "" {
		var i uint64
		i, err = NoeqClient.GenOne()
		if err != nil {
			return err
		}
		session.ID = strconv.FormatUint(i, 10)
	}
	if err = s.save(session); err != nil {
		return err
	}
	var encoded string
	encoded, err = securecookie.EncodeMulti(session.Name(), &session.ID, s.Codecs...)
	if err != nil {
		return err
	}
	options := s.Options
	if session.Options != nil {
		options = session.Options
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     options.Path,
		Domain:   options.Domain,
		MaxAge:   options.MaxAge,
		Secure:   options.Secure,
		HttpOnly: options.HttpOnly,
	}
	http.SetCookie(w, cookie)
	context.DefaultContext.Clear(r)
	return nil
}
Ejemplo n.º 3
0
// Save adds a single session to the response.
func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter,
	session *Session) error {
	if session.ID == "" {
		session.ID = string(securecookie.GenerateRandomKey(32))
	}
	if err := s.save(session); err != nil {
		return err
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
		s.Codecs...)
	if err != nil {
		return err
	}
	options := s.Options
	if session.Options != nil {
		options = session.Options
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     options.Path,
		Domain:   options.Domain,
		MaxAge:   options.MaxAge,
		Secure:   options.Secure,
		HttpOnly: options.HttpOnly,
	}
	http.SetCookie(w, cookie)
	return nil
}
Ejemplo n.º 4
0
// Save adds a single session to the response.
func (s *CookieStore) Save(r *http.Request, w http.ResponseWriter,
	session *Session) error {
	encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
		s.Codecs...)
	if err != nil {
		return err
	}
	http.SetCookie(w, NewCookie(session.Name(), encoded, session.Options))
	return nil
}
Ejemplo n.º 5
0
func (s *MongoStore) save(session *sessions.Session) error {
	encoded, err := securecookie.EncodeMulti(session.Name(),
		session.Values,
		s.Codecs...)
	if err != nil {
		return err
	}
	mg := &MgSessionTbl{
		Encoded:   encoded,
		SessionID: []byte(session.ID),
		Age:       bson.Now(),
	}
	_, err = s.DBCollection.Upsert(bson.M{"sessionid": session.ID}, mg)
	return err
}
Ejemplo n.º 6
0
// Save adds a single session to the response.
func (s *DatastoreStore) Save(r *http.Request, w http.ResponseWriter,
	session *sessions.Session) error {
	if session.ID == "" {
		session.ID = string(securecookie.GenerateRandomKey(32))
	}
	if err := s.save(r, session); err != nil {
		return err
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
		s.Codecs...)
	if err != nil {
		return err
	}
	http.SetCookie(w, sessions.NewCookie(session.Name(), encoded,
		session.Options))
	return nil
}
Ejemplo n.º 7
0
// Save adds a single session to the response.
func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter,
	session *Session) error {
	if session.ID == "" {
		// Because the ID is used in the filename, encode it to
		// use alphanumeric characters only.
		session.ID = strings.TrimRight(
			base32.StdEncoding.EncodeToString(
				securecookie.GenerateRandomKey(32)), "=")
	}
	if err := s.save(session); err != nil {
		return err
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
		s.Codecs...)
	if err != nil {
		return err
	}
	http.SetCookie(w, NewCookie(session.Name(), encoded, session.Options))
	return nil
}
Ejemplo n.º 8
0
// save writes encoded session.Values to a file.
func (s *redisStore) save(session *sessions.Session) error {
	if session.Name() == "remember" {
		return nil
	}
	if len(session.Values) == 0 {
		// Don't need to write anything.
		return nil
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), &session.Values, s.Codecs...)
	if err != nil {
		return err
	}
	d := make(chan bool)
	saves <- &sessionAction{"session:" + session.ID, int64(sessionExpire), encoded, d}
	f := <-d
	if !f {
		return cantSave
	}
	return nil
}
Ejemplo n.º 9
0
// save writes encoded session.Values to a file.
func (s *FilesystemStore) save(session *Session) error {
	if len(session.Values) == 0 {
		// Don't need to write anything.
		return nil
	}
	encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
		s.Codecs...)
	if err != nil {
		return err
	}
	filename := s.path + "session_" + session.ID
	fileMutex.Lock()
	defer fileMutex.Unlock()
	fp, err2 := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE, 0600)
	if err2 != nil {
		return err2
	}
	if _, err = fp.Write([]byte(encoded)); err != nil {
		return err
	}
	fp.Close()
	return nil
}
Ejemplo n.º 10
0
// Save adds a single session to the response.
func (s *CookieStore) Save(r *http.Request, w http.ResponseWriter,
	session *Session) error {
	encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
		s.Codecs...)
	if err != nil {
		return err
	}
	options := s.Options
	if session.Options != nil {
		options = session.Options
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     options.Path,
		Domain:   options.Domain,
		MaxAge:   options.MaxAge,
		Secure:   options.Secure,
		HttpOnly: options.HttpOnly,
	}
	http.SetCookie(w, cookie)
	return nil
}