// InfosSession get infos about the session (including remaining time) func InfosSession(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) { var resp InfosSessionResponse var session models.Session sid := handle.P.ByName("token") if sid == "" { return nil, tools.NewError(nil, 400, "bad request: missing token") } if tools.CheckID(sid) == false { return nil, tools.NewError(nil, 400, "bad request: invalid token") } session.IDFromHex(sid) err := session.Get(db) if err != nil { return nil, err } remaining := int(session.Expire - time.Now().Unix()) if remaining <= 0 { return nil, tools.NewError(nil, 404, "not found: session is expired") } resp.Status = "ok" resp.Session.UserID = session.UserID.Hex() resp.Session.Domain = session.Domain resp.Session.Expire = session.Expire resp.Session.Remaining = remaining return resp, nil }
// Logoff deletes a session (expired or not) func Logoff(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) { var session models.Session sid := handle.P.ByName("token") if sid == "" { return nil, tools.NewError(nil, 400, "bad request: missing token") } if tools.CheckID(sid) == false { return nil, tools.NewError(nil, 400, "bad request: invalid token") } session.IDFromHex(sid) err := session.Delete(db) if err != nil { return nil, err } return LogoffResponse{"ok"}, nil }
func CheckSession(q CheckRequest, db *mgo.DbQueue) (interface{}, error) { var resp CheckResponse var session models.Session if q.Token == "" { return nil, tools.NewError(nil, 400, "bad request: token is missing") } if tools.CheckID(q.Token) == false { return nil, tools.NewError(nil, 400, "bad request: invalid token") } if q.Domain == "" { return nil, tools.NewError(nil, 400, "bad request: domain is missing") } if q.Domain == "/" { return nil, tools.NewError(nil, 400, "bad request: illegal domain") } session.IDFromHex(q.Token) err := session.Get(db) if err != nil { return nil, err } if session.Expire < time.Now().Unix() { return nil, tools.NewError(nil, 404, "not found: session is expired") } if tools.CheckDomain(q.Domain, session.Domain) == false { return nil, tools.NewError(nil, 403, "forbidden: restricted domain") } resp.Status = "ok" resp.Session.UserID = session.UserID.Hex() resp.Session.Expire = session.Expire resp.Session.Remaining = int(session.Expire - time.Now().Unix()) return resp, nil }