func tryLoginUsingRememberCookie(c *middleware.Context) bool { // Check auto-login. uname := c.GetCookie(setting.CookieUserName) if len(uname) == 0 { return false } isSucceed := false defer func() { if !isSucceed { log.Trace("auto-login cookie cleared: %s", uname) c.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl+"/") c.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl+"/") return } }() userQuery := m.GetUserByLoginQuery{LoginOrEmail: uname} if err := bus.Dispatch(&userQuery); err != nil { return false } user := userQuery.Result // validate remember me cookie if val, _ := c.GetSuperSecureCookie( util.EncodeMd5(user.Rands+user.Password), setting.CookieRememberName); val != user.Login { return false } isSucceed = true loginUserWithUser(user, c) return true }