// DestroySession - Logout
func DestroySession(w http.ResponseWriter, r *http.Request) {
var user models.User
if authenticated := Authenticate(&user, w, r); !authenticated {
return
}
w.Header().Set("Content-Type", "application/json; charset=UTF-8")
w.WriteHeader(http.StatusNoContent)
session, err := models.GetSession(user, core.ExtractToken(r.Header.Get("Authorization")))
if err != nil {
BadRequest(err, w, r)
return
}
session.Destroy()
}
// Authenticate - autenticate a user and return true or return false and send an unauthorized status
func Authenticate(currentUser *models.User, w http.ResponseWriter, r *http.Request) bool {
token := core.ExtractToken(r.Header.Get("Authorization"))
user, err := models.GetUserByToken(token)
if err != nil {
Unauthorized(w, r)
return false
}
currentUser.ID = user.ID
currentUser.Email = user.Email
currentUser.Password = user.Password
if currentUser.ID == 0 {
Unauthorized(w, r)
return false
}
return true
}