Ejemplo n.º 1
0
// LoginUser tries to login a user using given credentials
func LoginUser(sess *sessions.Session, uR *UserRepository, username string, password string) (bool, error) {

	err := ValidateLogin(username, password)

	// Check if we have the needed values for login
	if err != nil {
		return false, err
	}

	// Get the username object that has this username
	user := uR.ByUsername(username)

	// Check if the username exists
	if user.ID == 0 {
		return false, errBadCredentials
	}

	// If we have a username, check if passwords are matching
	passMatch := hash.CompareWithHash([]byte(user.Password), password)

	if passMatch == false {
		return false, errBadCredentials
	}

	// Login successful, clear all session variables and add the user details in session
	// Need to thing more of this if it's really necessary
	session.Empty(sess)

	sess.Values["user_id"] = user.ID
	sess.Values["username"] = user.Username

	return true, nil
}
Ejemplo n.º 2
0
//GETDashboardLogout GET admin/logout
func GETDashboardLogout(a *application.App) httprouter.Handle {

	return func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

		// Get session
		sess := session.Instance(r)

		// If user is authenticated
		if sess.Values["user_id"] != nil {
			session.Empty(sess)
			sess.Save(r, w)
		}

		http.Redirect(w, r, "/admin/login", http.StatusFound)

	}

}