package main
import (
"database/sql"
"github.com/coopernurse/gorp"
"github.com/go-martini/martini"
"github.com/martini-contrib/binding"
"github.com/martini-contrib/render"
"github.com/martini-contrib/sessionauth"
"github.com/martini-contrib/sessions"
_ "github.com/mattn/go-sqlite3"
"log"
"net/http"
"os"
)
// Package-level database handle. main assigns it from initDb before any
// route is registered, and the /new-login handler reads it for the
// credential lookup.
var (
	dbmap *gorp.DbMap
)
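// initDb recreates the demo SQLite database in the working directory,
// registers MyUserModel as the "users" table, creates the table and seeds
// one test account. Any failure to open, build or seed the database
// terminates the process through log.Fatalln.
//
// NOTE(review): the seeded account stores its password in plaintext and the
// login handler compares it verbatim. That is acceptable only for a local
// demo; a real deployment should store a salted, slow password hash and
// compare with a constant-time verifier.
func initDb() *gorp.DbMap {
	const dbPath = "martini-sessionauth.bin"

	// Remove any previous database so we have a clean start. Removing directly
	// (rather than probing with os.Open first) avoids leaking an open file
	// handle, which also blocks the delete on some platforms.
	if err := os.Remove(dbPath); err != nil && !os.IsNotExist(err) {
		// Best effort, as before: keep going, but make the stale file visible.
		log.Println("Could not remove old database", err)
	}

	db, err := sql.Open("sqlite3", dbPath)
	if err != nil {
		log.Fatalln("Fail to create database", err)
	}

	mapping := &gorp.DbMap{Db: db, Dialect: gorp.SqliteDialect{}}
	mapping.AddTableWithName(MyUserModel{}, "users").SetKeys(true, "Id")
	if err := mapping.CreateTablesIfNotExists(); err != nil {
		log.Fatalln("Could not build tables", err)
	}

	// Demo credential only; see the plaintext-password note above.
	user := MyUserModel{1, "testuser", "password", false}
	if err := mapping.Insert(&user); err != nil {
		log.Fatalln("Could not insert test user", err)
	}
	return mapping
}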
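// localRedirectTarget returns target only when it is a same-site absolute
// path ("/something"). Empty values, absolute URLs, scheme-relative URLs
// ("//host") and the backslash variant browsers normalise to it ("/\host")
// all fall back to "/", so the post-login redirect cannot be pointed at
// another origin.
func localRedirectTarget(target string) string {
	if len(target) == 0 || target[0] != '/' {
		return "/"
	}
	if len(target) > 1 && (target[1] == '/' || target[1] == '\\') {
		return "/"
	}
	return target
}

// main wires up the demo application: a cookie-backed session store, the
// sessionauth middleware, and the index, login, private and logout routes.
func main() {
	// The cookie store key authenticates every session cookie, so anyone who
	// knows it can forge a logged-in session. Take it from the environment
	// (SESSION_SECRET is a name chosen for this example); the built-in demo
	// key remains only as a fallback so the example still runs.
	secret := os.Getenv("SESSION_SECRET")
	if secret == "" {
		log.Println("SESSION_SECRET is not set; using the built-in demo key, which is public and must not be used outside local testing")
		secret = "secret123"
	}
	store := sessions.NewCookieStore([]byte(secret))

	dbmap = initDb()

	m := martini.Classic()
	m.Use(render.Renderer())

	// Default our store to use Session cookies, so we don't leave logged in
	// users roaming around. HttpOnly keeps the cookie out of reach of page
	// scripts. NOTE(review): also set Secure: true once the app is served
	// over HTTPS; it is left off here so the plain-HTTP demo keeps working.
	store.Options(sessions.Options{
		MaxAge:   0,
		HttpOnly: true,
	})
	m.Use(sessions.Sessions("my_session", store))
	m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
	sessionauth.RedirectUrl = "/login"
	sessionauth.RedirectParam = "index"

	m.Get("/", func(r render.Render) {
		r.HTML(200, "index", nil)
	})

	m.Get("/login", func(r render.Render) {
		r.HTML(200, "login", nil)
	})

	m.Post("/new-login", binding.Bind(MyUserModel{}), func(session sessions.Session, postedUser MyUserModel, r render.Render, req *http.Request) {
		// Look the posted credentials up; the query is parameterised, so the
		// posted values are never spliced into the SQL text.
		// NOTE(review): this compares a plaintext password column. Replace it
		// with a lookup by username followed by a password-hash verification.
		user := MyUserModel{}
		err := dbmap.SelectOne(&user, "SELECT * FROM users WHERE username = $1 and password = $2", postedUser.Username, postedUser.Password)
		if err != nil {
			r.Redirect(sessionauth.RedirectUrl)
			return
		}

		if err := sessionauth.AuthenticateSession(session, &user); err != nil {
			// Stop here: previously the handler fell through and still issued
			// the redirect after reporting the failure.
			r.JSON(500, err)
			return
		}

		// The redirect target comes from the query string, i.e. from whoever
		// built the login link, so restrict it to a local path.
		params := req.URL.Query()
		redirect := localRedirectTarget(params.Get(sessionauth.RedirectParam))
		r.Redirect(redirect)
	})

	m.Get("/private", sessionauth.LoginRequired, func(r render.Render, user sessionauth.User) {
		r.HTML(200, "private", user.(*MyUserModel))
	})

	// NOTE(review): logout is a state-changing GET, so any page can trigger it
	// cross-site. Prefer a POST guarded by a CSRF token.
	m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
		sessionauth.Logout(session, user)
		r.Redirect("/")
	})

	m.Run()
}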