// AutoSignIn reads cookie and try to auto-login. func AutoSignIn(ctx *context.Context) (bool, error) { if !models.HasEngine { return false, nil } uname := ctx.GetCookie(setting.CookieUserName) if len(uname) == 0 { return false, nil } isSucceed := false defer func() { if !isSucceed { log.Trace("auto-login cookie cleared: %s", uname) ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl) } }() u, err := models.GetUserByName(uname) if err != nil { if !models.IsErrUserNotExist(err) { return false, fmt.Errorf("GetUserByName: %v", err) } return false, nil } if val, _ := ctx.GetSuperSecureCookie( base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name { return false, nil } isSucceed = true ctx.Session.Set("uid", u.ID) ctx.Session.Set("uname", u.Name) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) return true, nil }