Esempio n. 1
0
func UserLogin(r *http.Request, db *sql.DB, s sessions.Session, rw http.ResponseWriter) (int, string) {
	var id string
	var pass string

	email, password := r.FormValue("email"), r.FormValue("password")
	err := db.QueryRow("select id, password from appuser where email=$1", email).Scan(&id, &pass)

	if err != nil || bcrypt.CompareHashAndPassword([]byte(pass), []byte(password)) != nil {
		//return 401, "Not Authorized. Buuuurn!"
		http.Redirect(rw, r, "/wrong", http.StatusFound)
	}

	//set the user id in the session
	s.Set("userId", id)

	//return user
	if returnUrl, ok := s.Get("returnUrl").(string); ok {
		s.Delete("returnUrl")
		http.Redirect(rw, r, returnUrl, http.StatusFound)
	} else {
		http.Redirect(rw, r, "/", http.StatusFound)
	}

	return 200, "User id is " + id
}
Esempio n. 2
0
func getSignin(s sessions.Session, w http.ResponseWriter, r *http.Request) {
	s.Delete("username")
	if !oauthEnabled() {
		http.Redirect(w, r, "/", http.StatusFound)
		return
	}

	body, err := Asset("templates/signin.html")
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Printf("ERROR: %s", err)
		return
	}

	tmpl, err := template.New("config.js").Parse(string(body))
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Printf("ERROR: %s", err)
		return
	}

	err = tmpl.Execute(w, struct {
		Error  string
		Google bool
	}{
		Error:  r.FormValue("error"),
		Google: googleOauthEnabled(),
	})
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Printf("ERROR: %s", err)
		return
	}
}
Esempio n. 3
0
func inner_GET_authorize(c martini.Context, sess sessions.Session, r *http.Request, ar *osin.AuthorizeRequest) bool {
	var (
		identity = ActiveIdentity(c)
		source   = current_url(r)
		handler  martini.Handler
	)

	if identity != nil {
		ar.UserData = identity
		sess.Delete("flow")
		return true
	} else {
		sess.Set("flow", FlowState{
			Type:    AuthorizeFlow,
			Source:  source,
			StartAt: time.Now(),
		})

		if provider := r.URL.Query().Get("p"); provider == "" {
			handler = show_provider_chooser()
		} else {
			handler = redirect_to_provider(provider)
		}
	}

	c.Invoke(handler)
	return false
}
Esempio n. 4
0
func (s *AEServer) HandleLogout(session sessions.Session) {
	toki := session.Get("Login")
	if toki == nil {
		return
	}
	s.ch_logout <- toki.(string)
	session.Delete("Login")
}
Esempio n. 5
0
func getFlash(session sessions.Session, key string) string {
	value := session.Get(key)

	if value == nil {
		return ""
	} else {
		session.Delete(key)
		return value.(string)
	}
}
Esempio n. 6
0
// LogoutUser is a route which deletes session cookie "user", from the given client.
// On API call responds with HTTP 200 body and on frontend the client is redirected to homepage "/".
func LogoutUser(req *http.Request, s sessions.Session, res render.Render) {
	s.Delete("user")
	switch Root(req) {
	case "api":
		res.JSON(200, map[string]interface{}{"success": "You've been logged out."})
		return
	case "user":
		res.Redirect("/", 302)
		return
	}
}
Esempio n. 7
0
func must_authenticate(c martini.Context, sess sessions.Session, db *sqlx.DB, r *http.Request) {
	identity := ActiveIdentity(c)

	if identity != nil {
		return
	}

	if r.Header.Get("x-interactive") == "true" {
		sess.Delete("identity_id")
		c.Invoke(redirect_to("/login"))
	} else {
		c.Invoke(forbidden())
	}
}
Esempio n. 8
0
func oauth2callback(params martini.Params, s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
	providerName := params["provider"]
	if providerName == "" {
		http.Error(w, "Unknown provider", http.StatusBadRequest)
		return
	}

	provider, err := gomniauth.Provider(providerName)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Printf("ERROR: %s", err)
		return
	}

	omap, err := objx.FromURLQuery(r.URL.RawQuery)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	creds, err := provider.CompleteAuth(omap)
	if err != nil {
		s.Delete("username")
		http.Redirect(w, r, "/signin?error=Access+Denied", http.StatusFound)
		log.Printf("ERROR: %s", err)
		return
	}

	user, err := provider.GetUser(creds)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Printf("ERROR: %s", err)
		return
	}

	if strings.HasSuffix(user.Email(), authDomain) {
		log.Printf("%s authenticated via %s", user.Email(), providerName)
		s.Set("username", user.Email())
	} else {
		http.Redirect(w, r, "/signin", http.StatusFound)
		return
	}

	http.Redirect(w, r, "/", http.StatusFound)
}
Esempio n. 9
0
func GET_login(c martini.Context, sess sessions.Session, r *http.Request) {
	var (
		identity = ActiveIdentity(c)
		source   = r.Referer()
		handler  martini.Handler
	)

	if identity != nil {
		sess.Delete("flow")
		handler = redirect_to(source)
	} else {
		sess.Set("flow", FlowState{
			Type:    LoginFlow,
			Source:  source,
			StartAt: time.Now(),
		})
		handler = show_provider_chooser()
	}

	c.Invoke(handler)
}
Esempio n. 10
0
func GET_link(c martini.Context, sess sessions.Session, r *http.Request) {
	var (
		identity = ActiveIdentity(c)
		source   = r.Referer()
		handler  martini.Handler
	)

	if identity == nil {
		sess.Delete("flow")
		handler = forbidden()
	} else {
		sess.Set("flow", FlowState{
			Type:       LinkFlow,
			Source:     source,
			IdentityId: identity.Id,
			StartAt:    time.Now(),
		})
		handler = show_provider_chooser()
	}

	c.Invoke(handler)
}
Esempio n. 11
0
func editReruenInfo(params martini.Params, session sessions.Session, r render.Render) {
	user_number := session.Get("user_number")
	user_name := session.Get("user_name")
	if user_number == nil || user_name == nil {
		r.HTML(200, "home", nil)
	}
	if params["status"] == "success" {
		msg := EditReturnInfo{
			Status:  true,
			Message: "修改成功!",
		}
		session.Delete("user_name")
		session.Delete("user_number")
		r.HTML(200, "editReruenInfo", msg)
	} else {
		msg := EditReturnInfo{
			Status:  false,
			Message: "对不起!修改失败!",
		}
		r.HTML(200, "editReruenInfo", msg)
	}
}
Esempio n. 12
0
func Logout(ren render.Render, req *http.Request, s sessions.Session) {
	s.Delete("userId")
	ren.JSON(http.StatusAccepted, nil)
}
Esempio n. 13
0
func Logout(session sessions.Session, r render.Render) {
	v := session.Get("userid")
	fmt.Println(v)
	session.Delete("userid")
	r.HTML(200, "login", "登出成功")
}
Esempio n. 14
0
func LogoutHandler(w http.ResponseWriter, req *http.Request, session sessions.Session) {
	session.Delete("username")
	http.Redirect(w, req, "/login", http.StatusFound)
}
Esempio n. 15
0
func Logout(rw http.ResponseWriter, req *http.Request, s sessions.Session) {
	s.Delete("userId")
	http.Redirect(rw, req, "/", http.StatusFound)
}
Esempio n. 16
0
func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
	next := extractPath(r.URL.Query().Get(keyNextPage))
	s.Delete(keyToken)
	http.Redirect(w, r, next, codeRedirect)
}
Esempio n. 17
0
func (this *Transport) Invalidate(s sessions.Session) {
	s.Delete(keyToken)
	this.Token = &oauth.Credentials{}
}
Esempio n. 18
0
func UserLogout(ren render.Render, s sessions.Session) {
	s.Delete("userId")
	ren.HTML(200, "logout", nil)
}
Esempio n. 19
0
func ProcessLogout(w http.ResponseWriter, r *http.Request, session sessions.Session) string {
	session.Delete("username")
	http.Redirect(w, r, "/login", http.StatusFound)
	return "OK"
}
Esempio n. 20
0
// ProtectedPage makes sure that the user is logged in. Use on pages which need authentication
// or which have to deal with user structure later on.
func ProtectedPage(req *http.Request, session sessions.Session, render render.Render) {
	if !sessionIsAlive(session) {
		session.Delete("user")
		render.JSON(401, map[string]interface{}{"error": "Unauthorized"})
	}
}
Esempio n. 21
0
func Logout(rw http.ResponseWriter, req *http.Request, sess sessions.Session) {
	sess.Delete("auth")
	http.Redirect(rw, req, "/admin/auth", http.StatusFound)
	return
}
Esempio n. 22
0
// Logout will clear out the session and call the Logout() user function.
func Logout(s sessions.Session, user User) {
	user.Logout()
	s.Delete(SessionKey)
}
Esempio n. 23
0
func HandleLogout(r render.Render, s sessions.Session) {
	s.Delete("IsLogin")
	r.Redirect("/admin/login")
}
Esempio n. 24
0
func logout(w http.ResponseWriter, r *http.Request, s sessions.Session, logger *log.Logger) {
	s.Delete("useradmin")
	w.Write(jsonResponse(map[string]interface{}{"status": true, "msg": "success"}))
}
Esempio n. 25
0
func Signout(session webSessions.Session, r render.Render) {
	session.Delete("auth_user")

	r.Redirect("/login", 302)
}
Esempio n. 26
0
func Logout(res http.ResponseWriter, req *http.Request, session sessions.Session) {
	session.Delete("login")
	session.Delete("UserName")
	http.Redirect(res, req, "/login", http.StatusFound)
	return
}
Esempio n. 27
0
func GET_logout(sess sessions.Session, rw http.ResponseWriter, r *http.Request) {
	sess.Delete("identity_id")
	http.Redirect(rw, r, "/", http.StatusFound)
}
Esempio n. 28
0
// DELETE /api/logout
func (mgr *Manager) Logout(w http.ResponseWriter, r *http.Request, ss sessions.Session) {
	ss.Delete("uid")
	w.WriteHeader(204)
}
Esempio n. 29
0
// 删除登陆令牌(登出)
// 并不会删除用户表信息
// @router /users/authentication [delete]
func (this *Controller) AuthenticationDelete(req *http.Request, session sessions.Session) (int, []byte) {
	session.Delete("id")
	return this.Success("已清空用户session")
}
Esempio n. 30
0
func Logout(session sessions.Session, render render.Render) {

	session.Delete("username")
	render.Redirect("/")
}