func SignIn(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("sign_in") // Check auto-login. isSucceed, err := AutoSignIn(ctx) if err != nil { ctx.Handle(500, "AutoSignIn", err) return } redirectTo := ctx.Query("redirect_to") if len(redirectTo) > 0 { ctx.SetCookie("redirect_to", redirectTo, 0, setting.AppSubUrl) } else { redirectTo, _ = url.QueryUnescape(ctx.GetCookie("redirect_to")) } if isSucceed { if len(redirectTo) > 0 { ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl) ctx.Redirect(redirectTo) } else { ctx.Redirect(setting.AppSubUrl + "/") } return } ctx.HTML(200, SIGNIN) }
func Home(ctx *context.Context) { if ctx.IsSigned { if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm { ctx.Data["Title"] = ctx.Tr("auth.active_your_account") ctx.HTML(200, user.ACTIVATE) } else { user.Dashboard(ctx) } return } // Check auto-login. uname := ctx.GetCookie(setting.CookieUserName) if len(uname) != 0 { ctx.Redirect(setting.AppSubUrl + "/user/login") return } ctx.Data["PageIsHome"] = true ctx.HTML(200, HOME) }
func SignInPost(ctx *context.Context, form auth.SignInForm) { ctx.Data["Title"] = ctx.Tr("sign_in") if ctx.HasError() { ctx.HTML(200, SIGNIN) return } u, err := models.UserSignIn(form.UserName, form.Password) if err != nil { if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form) } else { ctx.Handle(500, "UserSignIn", err) } return } if form.Remember { days := 86400 * setting.LogInRememberDays ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl) ctx.SetSuperSecureCookie(base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName, u.Name, days, setting.AppSubUrl) } ctx.Session.Set("uid", u.ID) ctx.Session.Set("uname", u.Name) // Clear whatever CSRF has right now, force to generate a new one ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl) ctx.Redirect(redirectTo) return } ctx.Redirect(setting.AppSubUrl + "/") }
// AutoSignIn reads cookie and try to auto-login. func AutoSignIn(ctx *context.Context) (bool, error) { if !models.HasEngine { return false, nil } uname := ctx.GetCookie(setting.CookieUserName) if len(uname) == 0 { return false, nil } isSucceed := false defer func() { if !isSucceed { log.Trace("auto-login cookie cleared: %s", uname) ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl) } }() u, err := models.GetUserByName(uname) if err != nil { if !models.IsErrUserNotExist(err) { return false, fmt.Errorf("GetUserByName: %v", err) } return false, nil } if val, _ := ctx.GetSuperSecureCookie( base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name { return false, nil } isSucceed = true ctx.Session.Set("uid", u.ID) ctx.Session.Set("uname", u.Name) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) return true, nil }