func TokenGet(c context.Context, w http.ResponseWriter, r *http.Request, u *User, g *goon.Goon) (interface{}, error) {
if !validCSRF(r.FormValue("csrf"), u) {
return nil, errCSRF
}
redir, err := url.Parse(r.FormValue("redirect"))
if err != nil {
return nil, err
}
uk, err := g.KeyError(u)
if err != nil {
return nil, err
}
b := make([]byte, 64)
if _, err := rand.Read(b); err != nil {
return nil, err
}
token := &Token{
ID: base64.URLEncoding.EncodeToString(b),
User: uk,
Name: r.FormValue("hostname"),
Issued: time.Now(),
}
if _, err := g.Put(token); err != nil {
return nil, err
}
values := redir.Query()
values.Add("token", token.ID)
redir.RawQuery = values.Encode()
http.Redirect(w, r, redir.String(), 302)
return nil, nil
}
