// GetUserIDForRequest tries to get user ID from basic auth header and session. // It returns the user ID, whether need further verification(when the id is from session) and if the action is successful func (b *BaseAPI) GetUserIDForRequest() (int, bool, bool) { username, password, ok := b.Ctx.Request.BasicAuth() if ok { log.Infof("Requst with Basic Authentication header, username: %s", username) user, err := auth.Login(models.AuthModel{ Principal: username, Password: password, }) if err != nil { log.Errorf("Error while trying to login, username: %s, error: %v", username, err) user = nil } if user != nil { // User login successfully no further check required. return user.UserID, false, true } } sessionUserID, ok := b.GetSession("userId").(int) if ok { // The ID is from session return sessionUserID, true, true } log.Debug("No valid user id in session.") return 0, false, false }
// authenticate checks the given principal and password through auth.Login
// and returns the user it yields. When auth.Login reports an error, the error
// is logged and nil is returned, so callers cannot tell a backend failure
// from rejected credentials. The password is never written to the log.
func authenticate(principal, password string) *models.User {
	creds := models.AuthModel{
		Principal: principal,
		Password:  password,
	}

	user, err := auth.Login(creds)
	if err == nil {
		// May still be nil if auth.Login returned no user and no error.
		return user
	}

	log.Errorf("Error occurred in UserLogin: %v", err)
	return nil
}
// Login handles the login request sent by the UI. It reads the "principal"
// and "password" request parameters, verifies them through auth.Login and,
// on success, stores the user's ID and name in the session.
//
// Both failure paths answer 401 with an empty body, so the response does not
// reveal whether the credentials were wrong or the auth backend failed.
func (cc *CommonController) Login() {
	creds := models.AuthModel{
		Principal: cc.GetString("principal"),
		Password:  cc.GetString("password"),
	}

	user, err := auth.Login(creds)
	if err != nil {
		log.Errorf("Error occurred in UserLogin: %v", err)
		// NOTE(review): the code below relies on CustomAbort not returning;
		// otherwise user.UserID could be reached with a nil user — confirm.
		cc.CustomAbort(http.StatusUnauthorized, "")
	}
	if user == nil {
		cc.CustomAbort(http.StatusUnauthorized, "")
	}

	// NOTE(review): the authenticated identity is bound to whatever session
	// the request already carries; the session ID is not rotated here. If a
	// session can exist before login, rotating its ID at this point guards
	// against session fixation (beego exposes Controller.SessionRegenerateID,
	// assuming cc embeds beego.Controller — confirm).
	cc.SetSession("userId", user.UserID)
	cc.SetSession("username", user.Username)
}