Exemple #1
0
func (s *Session) Save(w http.ResponseWriter, keepalive bool) error {
	q := `
        UPDATE user_session SET
            valid_until = ?
            , modified_date = ?
        WHERE id = ?;
    `

	valid := int64(0)

	if keepalive {
		valid = time.Now().Unix() + SESSION_OFFSET
	}

	params := []interface{}{
		valid,
		time.Now().Unix(),
		s.Id,
	}

	_, err := dao.Exec(q, params)
	if err != nil {
		return err
	}

	expires := -1

	if keepalive {
		expires, _ = strconv.Atoi(config.Get("session_cookie_expires"))
	}

	secure, _ := strconv.ParseBool(config.Get("session_cookie_secure"))

	c := new(http.Cookie)
	c.Name = config.Get("session_cookie_name")
	if keepalive {
		c.Value = s.Key
	}
	c.Path = config.Get("session_cookie_path")
	c.MaxAge = expires
	c.Secure = secure

	http.SetCookie(w, c)
	logger.Log(w, "SET-COOKIE", c.String())
	return nil
}
Exemple #2
0
func (u *User) UpdatePassword(password string) error {
	q := `
        UPDATE user SET
            password = ?
            , modified_date = ?
        WHERE id = ?;
    `

	params := []interface{}{
		hashpassword(password),
		time.Now().Unix(),
		u.Id,
	}

	_, err := dao.Exec(q, params)

	return err
}
Exemple #3
0
func Add(username string, email string, password string) error {
	// Add user
	ukey, err := uuid4.New()
	if err != nil {
		return err
	}

	q := `
        INSERT INTO user
        VALUES(
            NULL
            , ?
            , 0
            , ?
            , ?
            , ?
            , ''
            , ?
            , ?
        );
    `

	params := []interface{}{
		ukey,
		username,
		email,
		hashpassword(password),
		time.Now().Unix(),
		time.Now().Unix(),
	}

	result, err := dao.Exec(q, params)
	if err != nil {
		return err
	}

	uid, err := result.LastInsertId()
	if err != nil {
		return err
	}

	return SendVerify(uid, email, true)
}
Exemple #4
0
func New(u *user.User) (*Session, error) {
	// Create new session
	skey, err := uuid4.New()
	if err != nil {
		return nil, err
	}

	q := `
        INSERT INTO user_session VALUES(
            NULL
            , ?
            , ?
            , ?
            , ?
            , ?
        );
    `

	params := []interface{}{
		skey,
		u.Id,
		time.Now().Unix() + SESSION_OFFSET,
		time.Now().Unix(),
		time.Now().Unix(),
	}

	result, err := dao.Exec(q, params)
	if err != nil {
		return nil, err
	}

	sid, err := result.LastInsertId()
	if err != nil {
		return nil, err
	}

	return &Session{
		Id:   sid,
		Key:  skey,
		User: u,
	}, nil
}
Exemple #5
0
func (u *User) Update(email string, fullname string) error {
	q := `
        UPDATE user SET
            email = ?
            , fullname = ?
            , modified_date = ?
        WHERE id = ?;
    `

	params := []interface{}{
		email,
		fullname,
		time.Now().Unix(),
		u.Id,
	}

	_, err := dao.Exec(q, params)

	return err
}
Exemple #6
0
func Verify(vkey string) (*User, error) {
	// Get user key from verify
	q := `
        SELECT
            u.key
        FROM user_verify v, user u
        WHERE v.user_id = u.id
        AND v.key = ?
        AND v.valid_until > ?;
    `

	params := []interface{}{
		vkey,
		time.Now().Unix(),
	}

	var ukey string

	bind := []interface{}{
		&ukey,
	}

	err := dao.Row(q, params, bind)
	if err != nil {
		return nil, err
	}

	// Activate user
	q = `
        UPDATE user SET
            active = ?
            , modified_date = ?
        WHERE key = ?;
    `

	params = []interface{}{
		1,
		time.Now().Unix(),
		ukey,
	}

	_, err = dao.Exec(q, params)
	if err != nil {
		return nil, err
	}

	u, err := Load(ukey)
	if err != nil {
		return nil, err
	}

	q = `
        UPDATE user_verify SET
            valid_until = 0
            , modified_date = ?
        WHERE key = ?;
    `

	params = []interface{}{
		time.Now().Unix(),
		vkey,
	}

	_, err = dao.Exec(q, params)
	if err != nil {
		return nil, err
	}

	return u, nil
}
Exemple #7
0
func SendVerify(uid int64, email string, activate bool) error {
	// Add verify
	vkey, err := uuid4.New()
	if err != nil {
		return err
	}

	q := `
        INSERT INTO user_verify
        VALUES(
            NULL
            , ?
            , ?
            , ?
            , ?
            , ?
        );
    `

	params := []interface{}{
		vkey,
		uid,
		time.Now().Unix() + VERIFY_OFFSET,
		time.Now().Unix(),
		time.Now().Unix(),
	}

	_, err = dao.Exec(q, params)
	if err != nil {
		return err
	}

	// Send verify email
	url := fmt.Sprintf("%s/verify/%s", config.Get("baseurl"), vkey)

	loadTemplates()

	tpl := "reset"
	subject := "Timesheet - Password reset"
	if activate {
		tpl = "activate"
		subject = "Timesheet - Please active your account"
	}

	html := new(bytes.Buffer)
	Templates.ExecuteTemplate(html, fmt.Sprintf("%s.html", tpl), url)

	text := new(bytes.Buffer)
	Templates.ExecuteTemplate(text, fmt.Sprintf("%s.txt", tpl), url)

	m := awsses.New(
		config.Get("awsses_sender"),
		email,
		subject,
		html.String(),
		text.String())

	return m.Send(
		config.Get("awsses_baseurl"),
		config.Get("awsses_accesskey"),
		config.Get("awsses_secretkey"))
}