// GetUserCookie will get the Username from the http session. If the session is
// inactive, or if the session has expired, then an error will be returned.
func GetUserCookie(r *http.Request) (user string, err error) {
//look for the authcookie
cookie, err := r.Cookie(Config.CookieName)
//if doesn't exist (or is malformed) redirect
//back to the login url
if err != nil {
return "", err
}
login, expires, err := authcookie.Parse(cookie.Value, Config.CookieSecret)
//if there was an error parsing the cookie, redirect
//back to the login url
if err != nil {
return "", err
}
//if the cookie is expired, redirect back to the
//login url
if time.Now().After(expires) {
return "", errors.New("User session Expired")
}
return login, nil
}
// GetUserCookieName will get the User data from the http session for the
// specified secure cookie. If the session is inactive, or if the session has
// expired, then an error will be returned.
func GetUserCookieName(r *http.Request, name string) (User, error) {
//look for the authcookie
cookie, err := r.Cookie(name)
//if doesn't exist (or is malformed) redirect
//back to the login url
if err != nil {
return nil, err
}
// get the login string from authcookie
login, expires, err := authcookie.Parse(cookie.Value, Config.CookieSecret)
//if there was an error parsing the cookie, redirect
//back to the login url
if err != nil {
return nil, err
}
//if the cookie is expired, redirect back to the
//login url
if time.Now().After(expires) {
return nil, ErrSessionExpired
}
// parse the user data from the cookie string
u := user{}
_, err = fmt.Fscanf(strings.NewReader(login), "%q|%q|%q|%q|%q|%q|%q|%q",
&u.id, &u.provider, &u.name, &u.email,
&u.link, &u.picture, &u.org, &u.role)
// if we were unable to parse the cookie return an exception
if err != nil {
return nil, ErrInvalidCookieFormat
}
return &u, err
}