// Validate, if cookie is already set, otherwise
// it will be set.
func (rcv *controller) readCookie() error {
// Read cookie from client
c, err := rcv.request.Cookie(cookieName)
// If cookie does not exist on the client yet
if err != nil {
rcv.createCookie()
return nil
}
sid, err := rcv.readJwt(c.Value)
switch err.(type) {
case *expiredTokenError:
//fmt.Println("Token expired set new one.")
// Set new token on cookie, but keep the session id
rcv.createCookie(sid)
return nil
case *generallyTokenError:
return errors.New("Their is something wrong with verification. Please restart the browser.")
}
// Set session identification in the current context
context.Set(rcv.request, context.SID, sid)
rcv.renewTime(sid)
return nil
}
// Generate JWT. Would the token be expired, then the user
// will get new token but keep the same id. Parameter is optional,
// because when user visit the page first time, it will generate
// random id.
func (rcv *controller) createJwt(oldSid ...string) (string, error) {
token := jwt.New(jwt.GetSigningMethod("RS256"))
// Assign the already exists session id
if oldSid != nil {
token.Claims["id"] = oldSid[0]
} else {
token.Claims["id"] = uniuri.NewLen(20)
}
// Set session id on context, that would be available, when user
// visit the site on first time.
context.Set(rcv.request, context.SID, token.Claims["id"])
token.Claims["exp"] = time.Now().Add(time.Minute * 15).Unix()
signed, err := token.SignedString(privateSignedKey)
if err != nil {
return "", err
}
return signed, nil
}
// Set signed user during a request
func (rcv *reader) setSignedUserContext() {
context.Set(rcv.request, context.SIGNEDID, rcv.SignedUser)
}
func (rcv *controller) setLang() {
str := strings.Split(rcv.request.Header.Get("Accept-Language"), ",")
context.Set(rcv.request, context.LANGUAGE, str[0])
}