func DoLogin(entity models.UserLogin, session sessions.Session, enc Encoder, db gorp.SqlExecutor) (int, string) {
status := &models.DefaultStruct{
Id: http.StatusForbidden,
Name: messages.GetLocaleMessage("en", "MSG_LOGIN_INVALID"),
Lang_key: "en",
}
user := GetUserByLogin(entity, db)
if user.Name != "" {
err := sessionauth.AuthenticateSession(session, user)
if err != nil {
status.Name = messages.GetLocaleMessage("en", "MSG_SESSION_INIT_ERROR")
return http.StatusForbidden, Must(enc.EncodeOne(status))
}
user.Authenticated = true
user.UpdateLastLogin()
status.Name = messages.GetLocaleMessage("en", "MSG_SUCCESSFUL_LOGIN")
return http.StatusOK, Must(enc.EncodeOne(user))
} else {
sessionauth.Logout(session, user)
session.Clear()
return http.StatusForbidden, Must(enc.EncodeOne(status))
}
return http.StatusForbidden, Must(enc.EncodeOne(status))
}
func main() {
store := sessions.NewCookieStore([]byte("secret123"))
dbmap = initDb()
m := martini.Classic()
m.Use(render.Renderer())
// Default our store to use Session cookies, so we don't leave logged in
// users roaming around
store.Options(sessions.Options{
MaxAge: 0,
})
m.Use(sessions.Sessions("my_session", store))
m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
sessionauth.RedirectUrl = "/login"
sessionauth.RedirectParam = "index"
m.Get("/", func(r render.Render) {
r.HTML(200, "index", nil)
})
m.Get("/login", func(r render.Render) {
r.HTML(200, "login", nil)
})
m.Post("/new-login", binding.Bind(MyUserModel{}), func(session sessions.Session, postedUser MyUserModel, r render.Render, req *http.Request) {
// You should verify credentials against a database or some other mechanism at this point.
// Then you can authenticate this session.
user := MyUserModel{}
err := dbmap.SelectOne(&user, "SELECT * FROM users WHERE username = $1 and password = $2", postedUser.Username, postedUser.Password)
if err != nil {
r.Redirect(sessionauth.RedirectUrl)
return
} else {
err := sessionauth.AuthenticateSession(session, &user)
if err != nil {
r.JSON(500, err)
}
params := req.URL.Query()
redirect := params.Get(sessionauth.RedirectParam)
r.Redirect(redirect)
return
}
})
m.Get("/private", sessionauth.LoginRequired, func(r render.Render, user sessionauth.User) {
r.HTML(200, "private", user.(*MyUserModel))
})
m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
})
m.Run()
}
func main() {
m := martini.Classic()
m.Use(render.Renderer(render.Options{
Layout: "_layout",
}))
m.Use(secure.Secure(secure.Options{
SSLRedirect: true,
SSLProxyHeaders: map[string]string{"X-Forwarded-Proto": "https"},
}))
store := sessions.NewCookieStore([]byte(os.Getenv("COOKIE_SECRET")))
m.Use(sessions.Sessions("the_session", store))
m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
/** Main router **/
m.Get("/", sessionauth.LoginRequired, cameraList)
m.Get("/camimage", sessionauth.LoginRequired, cameraImage)
/** Login Handling **/
m.Get("/login", func(r render.Render) {
r.HTML(200, "login", nil, render.HTMLOptions{
Layout: "_login_layout",
})
})
m.Post("/login", binding.Bind(User{}), func(session sessions.Session, postedUser User, r render.Render, req *http.Request) {
// if not logged in
if postedUser.Passcode != "" && postedUser.Passcode == os.Getenv("WEB_PASSCODE") {
user := &User{}
err := sessionauth.AuthenticateSession(session, user)
if err != nil {
r.Text(500, "Error authenticating session")
return
}
params := req.URL.Query()
redirect := params.Get(sessionauth.RedirectParam)
r.Redirect(redirect)
return
} else {
r.Redirect(sessionauth.RedirectUrl)
return
}
})
m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
})
m.Run()
}
func DoLogout(enc Encoder, session sessions.Session, user sessionauth.User, db gorp.SqlExecutor) (int, string) {
status := &models.DefaultStruct{
Id: http.StatusOK,
Name: messages.GetLocaleMessage("en", "MSG_LOGIN_REQUIRED"),
Lang_key: "en",
}
if user.IsAuthenticated() {
sessionauth.Logout(session, user)
session.Clear()
status.Name = messages.GetLocaleMessage("en", "MSG_SUCCESSFUL_LOGOUT")
}
updateUser := UserById(user.UniqueId().(int), db)
updateUser.Authenticated = false
db.Update(updateUser)
return http.StatusOK, Must(enc.EncodeOne(status))
}
func logoutHandler(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect(INDEX_PAGE)
}
func (web *MailWeb) logout(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
}
func (u UserHandler) Logout(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
}
func (self *oprloginComponent) Start(peer netfw.IPeer) {
m := peer.(martinihttp.IMartiniAcceptor).GetInterface()
var config coredef.OperateConfig
netfw.GetConfig("OperateConfig", &config)
store := sessions.NewCookieStore([]byte("secret123"))
store.Options(sessions.Options{
MaxAge: 0,
})
m.Use(sessions.Sessions("my_session", store))
m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
// 显示登陆页面
m.Get("/login", func(r render.Render) {
r.HTML(200, "login", nil)
})
// 提交登陆
m.Post("/login", binding.Bind(gmUserPostForm{}), func(session sessions.Session, msg gmUserPostForm, r render.Render, req *http.Request) {
var verify bool
for _, v := range config.GetAccount() {
if msg.UserName == v.GetAccount() && msg.Password == EncodePassword(v.GetPassword()) {
verify = true
break
}
}
if !verify {
r.Redirect("login")
}
err := sessionauth.AuthenticateSession(session, &User{AutoID: 1})
if err != nil {
r.JSON(500, err)
}
r.Redirect("index")
})
// 登出
m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/login")
})
m.Get("/index", sessionauth.LoginRequired, func(r render.Render) {
r.HTML(200, "index", nil)
})
m.Get("/", func(r render.Render) {
r.Redirect("index")
})
}
func GetSignout(r render.Render, user sessionauth.User, session sessions.Session) {
sessionauth.Logout(session, user)
r.Redirect("/", http.StatusFound)
}
