/
session.go
98 lines (88 loc) · 2.74 KB
/
session.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
// Copyright 2012 The AEGo Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package user
import (
"appengine/datastore"
"errors"
"github.com/gaego/context"
"github.com/gaego/ds"
"github.com/gaego/session"
"github.com/gaego/user/email"
"net/http"
)
var (
ErrNoLoggedInUser = errors.New("user: no logged in user")
)
// CurrentUserID returns the userId of the requesting user.
func CurrentUserID(r *http.Request) (string, error) {
c := context.NewContext(r)
store, err := session.GetStore(c)
if err != nil {
c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
}
s, err := store.Get(r, "user")
if err != nil {
c.Criticalf("user: There was an error retrieving the session Error: %v", err)
}
if err != nil {
return "", err
}
id, _ := s.Values["userid"].(string)
return id, err
}
// CurrentUserIDByEmail returns the userId of the requesting user. Or the userID
// associated with the provided email.
func CurrentUserIDByEmail(r *http.Request, emailAddress string) (string, error) {
// TODO: User merge if the session UserID is different then the email UserID
// search session
sessID, _ := CurrentUserID(r)
if sessID != "" {
// TODO: maybe confirm that the UserID exists?
// There are case where the session may have an incorrect UserID.
return sessID, nil
}
// search by email
c := context.NewContext(r)
e, err := email.Get(c, emailAddress)
if err != nil {
return "", err
}
return e.UserID, nil
}
// CurrentUserSetID adds the provided userId to the current users session/cookie
func CurrentUserSetID(w http.ResponseWriter, r *http.Request, userId string) error {
c := context.NewContext(r)
store, err := session.GetStore(c)
if err != nil {
c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
}
s, err := store.Get(r, "user")
if err != nil {
c.Criticalf("user: There was an error retrieving the session Error: %v", err)
return err
}
s.Values["userid"] = userId
return s.Save(r, w)
}
// Current checks the requesting User's session to see if they have an
// account. If they do, the provided User struct is populated with the
// information that is saved in the datastore. If they don't an error is
// returned.
func Current(r *http.Request) (*User, error) {
id, _ := CurrentUserID(r)
if id != "" {
c := context.NewContext(r)
u := new(User)
key := datastore.NewKey(c, "User", id, 0, nil)
err := ds.Get(c, key, u)
u.Key = key
return u, err
}
return nil, ErrNoLoggedInUser
}
// Logout sets the session userid to "", effectivly logging the user out.
// TODO maybe delete cookie, instead.
func Logout(w http.ResponseWriter, r *http.Request) error {
return CurrentUserSetID(w, r, "")
}