Esempio n. 1
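// HttpWrapper prepares a request for a controller: it parses the POST form,
// opens the "cloaka" session and then runs each named guard in actions, in
// the order given.
//
// Supported actions:
//   - "guest":  only for visitors that are not logged in; anyone else is
//     redirected to /account/manage.
//   - "csrf":   the posted "token" field must equal the session's "csrf"
//     value; the session token is rotated after a successful check.
//   - "logged": requires session "logged" == "true" and a session "token"
//     that resolves to an account, which is stored in c.Account.
//   - "admin":  requires c.Account.Admin != 0.
//
// It returns the controller and true when every guard passes. On failure it
// returns nil and false; except for the "admin" guard, a response (error or
// redirect) has already been written by then.
func HttpWrapper(res http.ResponseWriter, req *http.Request, actions []string) (*controllers.BaseController, bool) {
	// Bytes of a multipart body kept in memory; the remainder is spooled to
	// temporary files. This is not a cap on the request size.
	// NOTE(review): no body-size limit is visible here; confirm one is applied
	// upstream (for example with http.MaxBytesReader).
	const maxMultipartMemory = 10000000

	if req.Method == "POST" {
		var err error
		if strings.Contains(req.Header.Get("Content-Type"), "multipart/form-data") {
			err = req.ParseMultipartForm(maxMultipartMemory)
		} else {
			err = req.ParseForm()
		}
		if err != nil {
			// A malformed form must not reach the guards below: the CSRF
			// check reads the posted token from it.
			http.Error(res, "Malformed form data", http.StatusBadRequest)
			return nil, false
		}
	}

	s, err := sessions.Open("cloaka", req, res)
	if err != nil {
		// Stop here: continuing would run the guards against a session that
		// failed to open, after an error response was already written.
		http.Error(res, "Error creating session", http.StatusInternalServerError)
		return nil, false
	}
	c := &controllers.BaseController{Session: s}

	// NOTE(review): whatever consumes "intended" after login should accept
	// only local paths before redirecting to it.
	loginURL := fmt.Sprintf("/account/login?intended=%v", url.QueryEscape(req.URL.Path))

	// Redirects below depend on session state, so they use temporary status
	// codes. A permanent (301) redirect may be cached by the browser and keep
	// firing after the user logs in or out.
	for _, action := range actions {
		switch action {
		case "guest":
			// Comma-ok assertion: a non-string session value is treated as
			// "not logged in" instead of panicking.
			if v, ok := c.Session.GetValue("logged").(string); ok && v != "false" {
				http.Redirect(res, req, "/account/manage", http.StatusFound)
				return nil, false
			}
		case "csrf":
			// Reject a missing, non-string or empty session token; an empty
			// token would otherwise match a request that omits the field.
			// NOTE(review): the comparison is not constant-time; consider
			// subtle.ConstantTimeCompare once crypto/subtle is imported.
			want, ok := c.Session.GetValue("csrf").(string)
			if !ok || want == "" || want != req.PostFormValue("token") {
				http.Redirect(res, req, req.URL.Path, http.StatusSeeOther)
				return nil, false
			}
			// Rotate the token so a captured value cannot be replayed.
			// NOTE(review): confirm GenerateToken draws from a
			// cryptographically secure source.
			c.Session.SetValue("csrf", controllers.GenerateToken(12))
		case "logged":
			if c.Session.GetValue("logged") != "true" {
				http.Redirect(res, req, loginURL, http.StatusFound)
				return nil, false
			}
			tkn, ok := c.Session.GetValue("token").(string)
			if !ok {
				http.Redirect(res, req, loginURL, http.StatusFound)
				return nil, false
			}
			account := models.GetAccountByToken(tkn)
			// An empty Name is how this code recognises "no such account".
			if account.Name == "" {
				http.Redirect(res, req, loginURL, http.StatusFound)
				return nil, false
			}
			c.Account = account
		case "admin":
			// c.Account is only populated by the "logged" guard, so "admin"
			// must come after "logged" in actions.
			// NOTE(review): no response is written on this path; confirm the
			// caller sends a 403 when it receives false.
			if c.Account.Admin == 0 {
				return nil, false
			}
		}
	}
	return c, true
}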
Esempio n. 2
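// CheckIfLogged reports whether the session attached to base belongs to a
// logged-in account: the session value "logged" must equal "true" and the
// session "token" must resolve, via models.GetAccountByToken, to an account
// with a non-empty Name.
func CheckIfLogged(base *BaseController) bool {
	if base.Session.GetValue("logged") != "true" {
		return false
	}
	// Comma-ok assertion: a missing or non-string token means "not logged in"
	// rather than a panic inside an authentication check.
	tkn, ok := base.Session.GetValue("token").(string)
	if !ok {
		return false
	}
	// An empty Name is how this code recognises "no such account".
	return models.GetAccountByToken(tkn).Name != ""
}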
Esempio n. 3
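// isLogged is the Lua-callable login check. It always pushes exactly one
// value and returns 1: the boolean false when the module's session is not
// logged in, otherwise the table that general.ParseStruct builds from the
// account.
func (a *Module) isLogged(L *lua.LState) int {
	// deny pushes false for the script and reports one return value.
	deny := func() int {
		L.Push(lua.LBool(false))
		return 1
	}

	if a.Session.GetValue("logged") != "true" {
		return deny()
	}
	// Comma-ok assertion: a missing or non-string token is reported to the
	// script as "not logged in" instead of panicking.
	tkn, ok := a.Session.GetValue("token").(string)
	if !ok {
		return deny()
	}
	account := models.GetAccountByToken(tkn)
	// An empty Name is how this code recognises "no such account".
	if account.Name == "" {
		return deny()
	}
	// NOTE(review): general.ParseStruct is not visible here; if it copies
	// every field, scripts receive the whole account record. Confirm that
	// credential fields are excluded.
	L.Push(general.ParseStruct(account))
	return 1
}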