// GetSession figures out the session from the session cookie in the request, or
// just return the session if that's been done already.
func GetSession(g *gas.Gas) (*Session, error) {
if store == nil {
return nil, ErrNoStore
}
const sessKey = "_gas_session"
if sessBox := g.Data(sessKey); sessBox != nil {
if sess, ok := sessBox.(*Session); ok {
return sess, nil
}
}
cookie, err := g.Cookie("s")
if err != nil {
if err == http.ErrNoCookie {
return nil, nil
}
SignOut(g)
return nil, err
}
if err = VerifyCookie(cookie); err != nil {
return nil, err
}
id, err := base64.StdEncoding.DecodeString(cookie.Value)
if err != nil {
// this means invalid session
SignOut(g)
return nil, err
}
//id := []byte(cookie.Value)
sess, err := store.Read(id)
if err != nil {
if err == sql.ErrNoRows {
SignOut(g)
return nil, nil
}
return nil, err
}
if time.Now().After(sess.Expires) {
SignOut(g)
return nil, ErrCookieExpired
}
g.SetData(sessKey, sess)
return sess, nil
}
// CheckReroute is a middleware handler that will check for and deal with
// reroute cookies
func CheckReroute(g *gas.Gas) (int, gas.Outputter) {
reroute, err := g.Cookie("_reroute")
if reroute != nil {
if err == nil {
blob, err := base64.StdEncoding.DecodeString(reroute.Value)
if err == nil {
g.SetData("_reroute", blob)
} else {
log.Println("gas: dispatch reroute:", err)
}
} else {
log.Println("gas: reroute cookie:", err)
}
// Empty the cookie out and toss it back
reroute.Value = ""
reroute.MaxAge = -1
g.SetCookie(reroute)
}
return g.Continue()
}