// Auth_Login_POST handles a submitted login form.
//
// The "email" and "password" form values are passed to
// ValidateUserEmailPassword; a returned user ID of 0 is treated as a failed
// login, in which case an error flash is queued and the login form is rendered
// again via Auth_Login_GET. On success the user ID, the "ak" value and the
// admin flag are stored in the session, the session lifetime is extended to 90
// days when the "remember" field is non-empty, and the client is redirected
// with a 302 through authz.ReturnRedirect.
//
// NOTE(review): no attempt limiting or lockout is visible in this handler;
// confirm that ValidateUserEmailPassword or a surrounding middleware throttles
// repeated failures.
func Auth_Login_POST(rw http.ResponseWriter, req *http.Request) {
	// Lifetime applied to the session when the user ticks "remember".
	const rememberLifetime = 90 * 24 * time.Hour

	uid, userAK, admin := ValidateUserEmailPassword(
		req,
		req.PostFormValue("email"),
		req.PostFormValue("password"),
	)

	if uid == 0 {
		// This handler emits one message for every failure, so its response
		// does not say whether the address or the password was wrong.
		failure := session.Flash{
			Severity: "error",
			Msg:      "Invalid e. mail address or password.",
		}
		session.AddFlash(req, failure)
		Auth_Login_GET(rw, req)
		return
	}

	// Record the authenticated identity in the session.
	session.Set(req, "user_id", int(uid))
	session.Set(req, "user_ak", userAK)
	session.Set(req, "user_is_admin", admin)

	if remember := req.PostFormValue("remember"); remember != "" {
		session.Set(req, "session_lifetime", rememberLifetime)
	}

	// NOTE(review): presumably Bump renews the session after the privilege
	// change. Confirm that it issues a fresh session identifier, so that an
	// identifier handed out before login cannot be reused afterwards
	// (session fixation).
	session.Bump(req)

	welcome := session.Flash{
		Severity: "success",
		Msg:      "You have been logged in.",
	}
	session.AddFlash(req, welcome)

	// NOTE(review): confirm that authz.ReturnRedirect only honours same-site
	// return targets before falling back to authz.AfterLoginURL.
	authz.ReturnRedirect(req, 302, authz.AfterLoginURL)
}
// Auth_Logout_POST handles a logout request.
//
// It removes the "user_id", "user_ak", "user_is_admin" and "signup_flow"
// entries from the session, queues a success flash and redirects with a 302
// through authz.ReturnRedirect, using "/" as the target passed in.
//
// NOTE(review): only these four keys are removed; the session itself is kept
// (the flash is stored in it) and, unlike the login handler, session.Bump is
// not called here. Confirm whether the session identifier should also be
// rotated or invalidated server-side on logout, and whether any other
// identity-bearing keys (for example "session_lifetime") should be cleared.
func Auth_Logout_POST(rw http.ResponseWriter, req *http.Request) {
	// Drop everything that identifies the logged-in user.
	session.Delete(req, "user_id")
	session.Delete(req, "user_ak")
	session.Delete(req, "user_is_admin")

	// Also abandon any sign-up flow state held in the session.
	session.Delete(req, "signup_flow")

	goodbye := session.Flash{
		Severity: "success",
		Msg:      "You have been logged out.",
	}
	session.AddFlash(req, goodbye)

	authz.ReturnRedirect(req, 302, "/")
}