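// ValidateUser resolves the ID of the user behind the current request.
//
// Credentials from an HTTP Basic Authentication header are tried first through
// auth.Login; when they yield a user, that user's ID is returned. Otherwise the
// "userId" session value is used and confirmed with dao.GetUser. The request is
// aborted with 401 when the session holds no usable user ID or the user no
// longer exists, and with 500 when the lookup itself fails.
func (b *BaseAPI) ValidateUser() int {
	if username, password, ok := b.Ctx.Request.BasicAuth(); ok {
		// The username is taken straight from the request header, so it is
		// logged with %q: control characters such as CR/LF are escaped and
		// cannot be used to forge extra log lines.
		log.Infof("Requst with Basic Authentication header, username: %q", username)
		user, err := auth.Login(models.AuthModel{
			Principal: username,
			Password:  password,
		})
		if err != nil {
			log.Errorf("Error while trying to login, username: %q, error: %v", username, err)
			user = nil
		}
		if user != nil {
			return user.UserID
		}
		// NOTE(review): rejected Basic credentials fall through to the session
		// check below instead of failing the request - confirm this is intended.
	}

	// The abort calls below are relied on not to return; presumably
	// CustomAbort unwinds the handler - confirm against the framework.
	sessionUserID := b.GetSession("userId")
	if sessionUserID == nil {
		log.Warning("No user id in session, canceling request")
		b.CustomAbort(http.StatusUnauthorized, "")
	}

	// Checked assertion: a session value of any other type is treated as an
	// unauthenticated request rather than triggering a runtime panic.
	userID, isInt := sessionUserID.(int)
	if !isInt {
		log.Warningf("Unexpected type %T for user id in session, canceling request", sessionUserID)
		b.CustomAbort(http.StatusUnauthorized, "")
	}

	// Re-check the stored ID on every request so a session that outlives its
	// account stops being accepted.
	u, err := dao.GetUser(models.User{UserID: userID})
	if err != nil {
		log.Errorf("Error occurred in GetUser, error: %v", err)
		b.CustomAbort(http.StatusInternalServerError, "Internal error.")
	}
	if u == nil {
		log.Warningf("User was deleted already, user id: %d, canceling request.", userID)
		b.CustomAbort(http.StatusUnauthorized, "")
	}
	return userID
}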
// authenticate reports whether auth.Login accepts the given principal and
// password. A login error is logged and treated as a failed authentication,
// as is a nil user returned without an error.
func authenticate(principal, password string) bool {
	credentials := models.AuthModel{
		Principal: principal,
		Password:  password,
	}
	account, loginErr := auth.Login(credentials)
	if loginErr != nil {
		log.Errorf("Error occurred in UserLogin: %v", loginErr)
		return false
	}
	return account != nil
}
// Login handles the login request from the UI.
//
// It reads the "principal" and "password" request parameters, checks them with
// auth.Login, and aborts with 401 when the login errors or returns no user. On
// success the user's ID and username are stored in the session under "userId"
// and "username".
func (c *CommonController) Login() {
	credentials := models.AuthModel{
		Principal: c.GetString("principal"),
		Password:  c.GetString("password"),
	}

	account, loginErr := auth.Login(credentials)
	if loginErr != nil {
		// Backend errors are answered with the same 401 as bad credentials;
		// only the server log carries the difference.
		log.Errorf("Error occurred in UserLogin: %v", loginErr)
		c.CustomAbort(http.StatusUnauthorized, "")
	}
	if account == nil {
		c.CustomAbort(http.StatusUnauthorized, "")
	}

	// NOTE(review): the session identifier is not rotated in this function
	// before the authenticated identity is written. Unless the framework or a
	// filter rotates it elsewhere, a session ID issued before login stays valid
	// afterwards (session fixation) - confirm.
	c.SetSession("userId", account.UserID)
	c.SetSession("username", account.Username)
}