// LoginUser tries to login a user using given credentials func LoginUser(sess *sessions.Session, uR *UserRepository, username string, password string) (bool, error) { err := ValidateLogin(username, password) // Check if we have the needed values for login if err != nil { return false, err } // Get the username object that has this username user := uR.ByUsername(username) // Check if the username exists if user.ID == 0 { return false, errBadCredentials } // If we have a username, check if passwords are matching passMatch := hash.CompareWithHash([]byte(user.Password), password) if passMatch == false { return false, errBadCredentials } // Login successful, clear all session variables and add the user details in session // Need to thing more of this if it's really necessary session.Empty(sess) sess.Values["user_id"] = user.ID sess.Values["username"] = user.Username return true, nil }
// GETDashboardLogout returns the handler for GET admin/logout.
//
// When the request's session carries a non-nil "user_id", the handler empties
// the session and saves it. In every case it then redirects to /admin/login
// with 302 Found. The a parameter is not used by the handler.
//
// NOTE(review): logout is a state change reachable with a plain GET, so it can
// be triggered by a cross-site link or image load; consider whether a POST
// guarded by the application's CSRF protection fits better.
func GETDashboardLogout(a *application.App) httprouter.Handle {
	logout := func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
		sess := session.Instance(r)

		// Only an authenticated session needs to be cleared and re-saved.
		if uid := sess.Values["user_id"]; uid != nil {
			session.Empty(sess)
			// NOTE(review): any result returned by Save is discarded. If the
			// save fails, the user is still redirected to the login page while
			// the stored session may remain valid; confirm and handle.
			sess.Save(r, w)
		}

		http.Redirect(w, r, "/admin/login", http.StatusFound)
	}

	return logout
}