func (ss *SubmitServer) securePage(toRun func(runuser *Hyades.Person, w http.ResponseWriter, req *http.Request)) func(w http.ResponseWriter, req *http.Request) {
return func(w http.ResponseWriter, req *http.Request) {
str, err := store.New(ss.boltDB, store.Config{}, []byte("secret-key"))
if err != nil {
log.Println("securePage store.New", req.URL.Path, "err:", err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, err := str.Get(req, "session")
if err != nil {
log.Println("securePage", req.URL.Path, "err:", err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if SessIDut, ok := session.Values["sessID"]; ok {
var SessID string
switch t := SessIDut.(type) {
case string:
SessID = t //SessIDut.(string)
default:
http.Error(w, "SessID invalid type", http.StatusInternalServerError)
}
//runuser, ok := ss.sessionUserMap[SessID]
runuser := ss.users.getUser(SessID)
if runuser != nil {
toRun(runuser, w, req)
} else {
javascriptredirect(w, "/?to="+req.URL.RequestURI())
//http.Error(w, "/", http.StatusTemporaryRedirect )
}
} else {
log.Println("Can't get session ID")
javascriptredirect(w, "/?to="+req.URL.RequestURI())
//http.Error(w, "/", http.StatusTemporaryRedirect )
}
session.Save(req, w)
}
}
func New(db *bolt.DB) httpHandler {
config := jconfig.LoadConfig("config.json")
key := config.GetString("session_secret")
var err error
str, err = store.New(db, store.Config{}, []byte(key))
if err != nil {
panic(err)
}
sessionName = config.GetString("session_name")
return func(h http.Handler) http.Handler {
return http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
session, err := GetSession(r)
if err != nil {
util.Error(err, w)
return
}
if t, ok := session.Values["expires"]; ok {
if time.Now().Before(t.(time.Time)) {
// authed
if u, ok := session.Values["user"]; ok {
w.Header().Set("X-User", u.(string))
}
w.Header().Set("X-Expires", t.(time.Time).String())
h.ServeHTTP(w, r)
return
}
}
user, pass, ok := r.BasicAuth()
if ok {
if checkUserIn(user, pass, w, r) {
h.ServeHTTP(w, r)
return
}
}
if r.URL.Path == "/api/v1/auth/" {
h.ServeHTTP(w, r)
return
}
w.WriteHeader(http.StatusUnauthorized)
},
)
}
}
func (ss *SubmitServer) loginUser(w http.ResponseWriter, req *http.Request) {
str, err := store.New(ss.boltDB, store.Config{}, []byte("secret-key"))
if err != nil {
log.Println(err)
http.Error(w, "Internal error", http.StatusInternalServerError)
return
}
session, err := str.New(req, "session")
if err != nil {
log.Println("str.New(req, Session)", err)
http.Error(w, "Internal error", http.StatusInternalServerError)
return
}
req.ParseForm()
if len(req.PostForm["Name"]) == 0 || len(req.PostForm["Password"]) == 0 {
log.Println("Name or password missing:", req.PostForm)
http.Error(w, "Name or password missing", http.StatusUnauthorized)
return
}
u, ok := ss.users.findUser(req.PostForm["Name"][0], req.PostForm["Password"][0])
if ok {
session.Values["sessID"] = u.Username
// Create a session.
log.Println("!!New session!!")
} else {
log.Println("!!Invalid username/password on login!!")
http.Error(w, "Not a valid username or password", http.StatusUnauthorized)
}
if err := session.Save(req, w); err != nil {
log.Println("Saving session failed")
}
}