Ejemplo n.º 1
0
func TestKey(t *testing.T) {
	userSession := common.CreateUserSession(
		&sessions.Session{Values: make(map[interface{}]interface{})})
	if out := userSession.Key(); out != nil {
		t.Error("Expected nil")
	}
	userSession.SetKey(&vsafe.Key{Id: 17})
	if out := userSession.Key().Id; out != 17 {
		t.Errorf("Expected 17, got %d", out)
	}
	userSession.SetKey(nil)
	if out := userSession.Key(); out != nil {
		t.Error("Expected nil again")
	}
}
Ejemplo n.º 2
0
func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http_util.WriteTemplate(w, kTemplate, nil)
	} else {
		r.ParseForm()
		userName := r.Form.Get("name")
		password := r.Form.Get("password")
		var user vsafe.User
		err := h.Store.UserByName(nil, userName, &user)
		if err == vsafedb.ErrNoSuchId {
			http_util.WriteTemplate(w, kTemplate, "Login incorrect.")
			return
		}
		if err != nil {
			http_util.ReportError(w, "Database error", err)
			return
		}
		key, err := user.VerifyPassword(password)
		if err == vsafe.ErrWrongPassword {
			http_util.WriteTemplate(w, kTemplate, "Login incorrect.")
			return
		}
		if err != nil {
			http_util.ReportError(w, "Error verifying password", err)
			return
		}
		gs, err := common.NewGorillaSession(h.SessionStore, r)
		if err != nil {
			http_util.ReportError(w, "Error creating session", err)
			return
		}
		session := common.CreateUserSession(gs)
		session.SetUserId(user.Id)
		session.SetKey(key)
		session.ID = "" // For added security, force a new session ID
		session.Save(r, w)
		http_util.Redirect(w, r, r.Form.Get("prev"))
	}
}