Exemple #1
0
// sessionStore returns the oauthmw session store.
func (l login) sessionStore(ctxt context.Context) *Store {
	// get store from session
	obj, ok := sessionmw.Get(ctxt, l.provider.SessionKey)
	if ok {
		store, ok := obj.(Store)
		if !ok {
			// this shouldn't ever happen ...
			log.Println("CORRUPTED/MALFORMED SESSION STORAGE. OVERWRITING")
			store = Store{
				Provider: "",
				Token:    &oauth2.Token{},
				States:   make(map[string]StoreState),
			}

			sessionmw.Set(ctxt, l.provider.SessionKey, store)
			return &store
		}

		return &store
	}

	// create new store in session and return
	store := Store{
		Provider: "",
		Token:    &oauth2.Token{},
		States:   make(map[string]StoreState),
	}

	sessionmw.Set(ctxt, l.provider.SessionKey, store)
	return &store
}
Exemple #2
0
func UserLoginHandler(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
	if !cas.IsAuthenticated(r) {
		// save the referrer
		sessionmw.Set(ctx, CASReferrer, r.Referer())

		// shut off rendering
		dataRenderer := data.FromContext(ctx)
		dataRenderer.Type = data.DataNoRender

		// and redirect
		cas.RedirectToLogin(rw, r)
	} else {
		// get the referrer
		referrer, has := sessionmw.Get(ctx, CASReferrer)
		sessionmw.Delete(ctx, CASReferrer)

		// shut off rendering
		dataRenderer := data.FromContext(ctx)
		dataRenderer.Type = data.DataNoRender

		// and redirect
		if !has {
			http.Redirect(rw, r, render.ConvertURL("/"), http.StatusTemporaryRedirect)
		} else {
			http.Redirect(rw, r, referrer.(string), http.StatusTemporaryRedirect)
		}
	}
}
Exemple #3
0
func RenderAfterware(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
	ret := FromContext(ctx)
	renderer := render.FromContext(ctx)

	// Set the CSRF token
	rw.Header().Set("X-CSRF-Token", csrf.Token(ctx, r))

	switch ret.Type {
	case DataNoRender:
		break
	case DataHTML:
		if ret.Template == "" {
			// guess we're not rendering anything
			break
		}
		if m, ok := ret.Data.(map[string]interface{}); ok {
			// Set the copyright on all pages
			m["copyright"] = time.Now().Year()

			// Add xsrf tokens
			m["xsrf_token"] = csrf.Token(ctx, r)
			m["xsrf_data"] = csrf.TemplateField(ctx, r)

			// Add environment declaration
			m["environment"] = runMode

			// Add Nav info if it doesn't already exist
			if _, ok := m["Nav"]; !ok {
				m["Nav"] = -1
			}

			// Add authentication information
			m["authenticated"] = cas.Username(r)

			// Add session flash stuff
			if f, has := sessionmw.Get(ctx, FlashErr); has {
				m["flash_err"] = f
				sessionmw.Delete(ctx, FlashErr)
			}
			if f, has := sessionmw.Get(ctx, FlashWarn); has {
				m["flash_warn"] = f
				sessionmw.Delete(ctx, FlashWarn)
			}
			if f, has := sessionmw.Get(ctx, FlashInfo); has {
				m["flash_info"] = f
				sessionmw.Delete(ctx, FlashInfo)
			}
		}
		renderer.HTML(rw, ret.Status, ret.Template, ret.Data)
	case DataJSON:
		renderer.JSON(rw, ret.Status, ret.Data)
	case DataBinary:
		renderer.Data(rw, ret.Status, ret.Data.([]byte))
	case DataText:
		renderer.Text(rw, ret.Status, ret.Data.(string))
	case DataJSONP:
		renderer.JSONP(rw, ret.Status, ret.Callback, ret.Data)
	case DataXML:
		renderer.XML(rw, ret.Status, ret.Data)
	default:
		panic("no such data type")
	}
}