func UserLogin(r *http.Request, db *sql.DB, s sessions.Session, rw http.ResponseWriter) (int, string) {
var id string
var pass string
email, password := r.FormValue("email"), r.FormValue("password")
err := db.QueryRow("select id, password from appuser where email=$1", email).Scan(&id, &pass)
if err != nil || bcrypt.CompareHashAndPassword([]byte(pass), []byte(password)) != nil {
//return 401, "Not Authorized. Buuuurn!"
http.Redirect(rw, r, "/wrong", http.StatusFound)
}
//set the user id in the session
s.Set("userId", id)
//return user
if returnUrl, ok := s.Get("returnUrl").(string); ok {
s.Delete("returnUrl")
http.Redirect(rw, r, returnUrl, http.StatusFound)
} else {
http.Redirect(rw, r, "/", http.StatusFound)
}
return 200, "User id is " + id
}
func getSignin(s sessions.Session, w http.ResponseWriter, r *http.Request) {
s.Delete("username")
if !oauthEnabled() {
http.Redirect(w, r, "/", http.StatusFound)
return
}
body, err := Asset("templates/signin.html")
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Printf("ERROR: %s", err)
return
}
tmpl, err := template.New("config.js").Parse(string(body))
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Printf("ERROR: %s", err)
return
}
err = tmpl.Execute(w, struct {
Error string
Google bool
}{
Error: r.FormValue("error"),
Google: googleOauthEnabled(),
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Printf("ERROR: %s", err)
return
}
}
func inner_GET_authorize(c martini.Context, sess sessions.Session, r *http.Request, ar *osin.AuthorizeRequest) bool {
var (
identity = ActiveIdentity(c)
source = current_url(r)
handler martini.Handler
)
if identity != nil {
ar.UserData = identity
sess.Delete("flow")
return true
} else {
sess.Set("flow", FlowState{
Type: AuthorizeFlow,
Source: source,
StartAt: time.Now(),
})
if provider := r.URL.Query().Get("p"); provider == "" {
handler = show_provider_chooser()
} else {
handler = redirect_to_provider(provider)
}
}
c.Invoke(handler)
return false
}
func (s *AEServer) HandleLogout(session sessions.Session) {
toki := session.Get("Login")
if toki == nil {
return
}
s.ch_logout <- toki.(string)
session.Delete("Login")
}
func getFlash(session sessions.Session, key string) string {
value := session.Get(key)
if value == nil {
return ""
} else {
session.Delete(key)
return value.(string)
}
}
// LogoutUser is a route which deletes session cookie "user", from the given client.
// On API call responds with HTTP 200 body and on frontend the client is redirected to homepage "/".
func LogoutUser(req *http.Request, s sessions.Session, res render.Render) {
s.Delete("user")
switch Root(req) {
case "api":
res.JSON(200, map[string]interface{}{"success": "You've been logged out."})
return
case "user":
res.Redirect("/", 302)
return
}
}
func must_authenticate(c martini.Context, sess sessions.Session, db *sqlx.DB, r *http.Request) {
identity := ActiveIdentity(c)
if identity != nil {
return
}
if r.Header.Get("x-interactive") == "true" {
sess.Delete("identity_id")
c.Invoke(redirect_to("/login"))
} else {
c.Invoke(forbidden())
}
}
func oauth2callback(params martini.Params, s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
providerName := params["provider"]
if providerName == "" {
http.Error(w, "Unknown provider", http.StatusBadRequest)
return
}
provider, err := gomniauth.Provider(providerName)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Printf("ERROR: %s", err)
return
}
omap, err := objx.FromURLQuery(r.URL.RawQuery)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
creds, err := provider.CompleteAuth(omap)
if err != nil {
s.Delete("username")
http.Redirect(w, r, "/signin?error=Access+Denied", http.StatusFound)
log.Printf("ERROR: %s", err)
return
}
user, err := provider.GetUser(creds)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Printf("ERROR: %s", err)
return
}
if strings.HasSuffix(user.Email(), authDomain) {
log.Printf("%s authenticated via %s", user.Email(), providerName)
s.Set("username", user.Email())
} else {
http.Redirect(w, r, "/signin", http.StatusFound)
return
}
http.Redirect(w, r, "/", http.StatusFound)
}
func GET_login(c martini.Context, sess sessions.Session, r *http.Request) {
var (
identity = ActiveIdentity(c)
source = r.Referer()
handler martini.Handler
)
if identity != nil {
sess.Delete("flow")
handler = redirect_to(source)
} else {
sess.Set("flow", FlowState{
Type: LoginFlow,
Source: source,
StartAt: time.Now(),
})
handler = show_provider_chooser()
}
c.Invoke(handler)
}
func GET_link(c martini.Context, sess sessions.Session, r *http.Request) {
var (
identity = ActiveIdentity(c)
source = r.Referer()
handler martini.Handler
)
if identity == nil {
sess.Delete("flow")
handler = forbidden()
} else {
sess.Set("flow", FlowState{
Type: LinkFlow,
Source: source,
IdentityId: identity.Id,
StartAt: time.Now(),
})
handler = show_provider_chooser()
}
c.Invoke(handler)
}
func editReruenInfo(params martini.Params, session sessions.Session, r render.Render) {
user_number := session.Get("user_number")
user_name := session.Get("user_name")
if user_number == nil || user_name == nil {
r.HTML(200, "home", nil)
}
if params["status"] == "success" {
msg := EditReturnInfo{
Status: true,
Message: "修改成功!",
}
session.Delete("user_name")
session.Delete("user_number")
r.HTML(200, "editReruenInfo", msg)
} else {
msg := EditReturnInfo{
Status: false,
Message: "对不起!修改失败!",
}
r.HTML(200, "editReruenInfo", msg)
}
}
func Logout(ren render.Render, req *http.Request, s sessions.Session) {
s.Delete("userId")
ren.JSON(http.StatusAccepted, nil)
}
func Logout(session sessions.Session, r render.Render) {
v := session.Get("userid")
fmt.Println(v)
session.Delete("userid")
r.HTML(200, "login", "登出成功")
}
func LogoutHandler(w http.ResponseWriter, req *http.Request, session sessions.Session) {
session.Delete("username")
http.Redirect(w, req, "/login", http.StatusFound)
}
func Logout(rw http.ResponseWriter, req *http.Request, s sessions.Session) {
s.Delete("userId")
http.Redirect(rw, req, "/", http.StatusFound)
}
func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
next := extractPath(r.URL.Query().Get(keyNextPage))
s.Delete(keyToken)
http.Redirect(w, r, next, codeRedirect)
}
func (this *Transport) Invalidate(s sessions.Session) {
s.Delete(keyToken)
this.Token = &oauth.Credentials{}
}
func UserLogout(ren render.Render, s sessions.Session) {
s.Delete("userId")
ren.HTML(200, "logout", nil)
}
func ProcessLogout(w http.ResponseWriter, r *http.Request, session sessions.Session) string {
session.Delete("username")
http.Redirect(w, r, "/login", http.StatusFound)
return "OK"
}
// ProtectedPage makes sure that the user is logged in. Use on pages which need authentication
// or which have to deal with user structure later on.
func ProtectedPage(req *http.Request, session sessions.Session, render render.Render) {
if !sessionIsAlive(session) {
session.Delete("user")
render.JSON(401, map[string]interface{}{"error": "Unauthorized"})
}
}
func Logout(rw http.ResponseWriter, req *http.Request, sess sessions.Session) {
sess.Delete("auth")
http.Redirect(rw, req, "/admin/auth", http.StatusFound)
return
}
// Logout will clear out the session and call the Logout() user function.
func Logout(s sessions.Session, user User) {
user.Logout()
s.Delete(SessionKey)
}
func HandleLogout(r render.Render, s sessions.Session) {
s.Delete("IsLogin")
r.Redirect("/admin/login")
}
func logout(w http.ResponseWriter, r *http.Request, s sessions.Session, logger *log.Logger) {
s.Delete("useradmin")
w.Write(jsonResponse(map[string]interface{}{"status": true, "msg": "success"}))
}
func Signout(session webSessions.Session, r render.Render) {
session.Delete("auth_user")
r.Redirect("/login", 302)
}
func Logout(res http.ResponseWriter, req *http.Request, session sessions.Session) {
session.Delete("login")
session.Delete("UserName")
http.Redirect(res, req, "/login", http.StatusFound)
return
}
func GET_logout(sess sessions.Session, rw http.ResponseWriter, r *http.Request) {
sess.Delete("identity_id")
http.Redirect(rw, r, "/", http.StatusFound)
}
// DELETE /api/logout
func (mgr *Manager) Logout(w http.ResponseWriter, r *http.Request, ss sessions.Session) {
ss.Delete("uid")
w.WriteHeader(204)
}
// 删除登陆令牌(登出)
// 并不会删除用户表信息
// @router /users/authentication [delete]
func (this *Controller) AuthenticationDelete(req *http.Request, session sessions.Session) (int, []byte) {
session.Delete("id")
return this.Success("已清空用户session")
}
func Logout(session sessions.Session, render render.Render) {
session.Delete("username")
render.Redirect("/")
}