Exemplo n.º 1
0
// load reads a file and decodes its content into session.Values.
func (s *FilesystemStore) load(session *Session) error {
	filename := s.path + "session_" + session.ID
	fp, err := os.OpenFile(filename, os.O_RDONLY, 0400)
	if err != nil {
		return err
	}
	defer fp.Close()
	var fdata []byte
	buf := make([]byte, 128)
	for {
		var n int
		n, err = fp.Read(buf[0:])
		fdata = append(fdata, buf[0:n]...)
		if err != nil {
			if err == io.EOF {
				break
			}
			return err
		}
	}
	if err = securecookie.DecodeMulti(session.Name(), string(fdata),
		&session.Values, s.Codecs...); err != nil {
		return err
	}
	return nil
}
Exemplo n.º 2
0
func Regen(r *http.Request) (uint64, error) {
	name := "remember"
	c, err := r.Cookie(name)
	if err != nil {
		if err == http.ErrNoCookie {
			return 0, nil
		}
		fmt.Println("cookie err", err)
		return 0, err
	}
	vals := make([]interface{}, 2)
	err = securecookie.DecodeMulti(name, c.Value, &vals, sessionStore.Codecs...)
	if err != nil {
		return 0, err
	}
	id := vals[0].(uint64)
	se, rerr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if rerr != nil {
		return 0, rerr
	}
	ph := passwordhash.NewSaltIter(se.String(), rememberKey, passwordhash.DefaultIterations)
	if string(ph.Hash) == vals[1].(string) {
		return id, nil
	}
	return 0, nil
}
Exemplo n.º 3
0
func (s *MongoStore) New(r *http.Request, name string) (*sessions.Session,
	error) {
	session := sessions.NewSession(s, name)
	session.Options = &(*s.Options)
	session.IsNew = true
	var err error
	if c, errCookie := r.Cookie(name); errCookie == nil {
		err = securecookie.DecodeMulti(name, c.Value, &session.ID,
			s.Codecs...)
		if err == nil {
			err = s.load(session)
			if err == nil {
				session.IsNew = false
			}
		}
	}

	// Remove older sessions
	s.DBCollection.RemoveAll(bson.M{
		"age": bson.M{
			"$lt": bson.Now().Add(time.Duration(-s.Options.MaxAge) * time.Second),
		},
	})
	return session, err
}
Exemplo n.º 4
0
func (s *MongoStore) load(session *sessions.Session) error {
	mg := &MgSessionTbl{SessionID: []byte(session.ID)}
	err := s.DBCollection.Find(bson.M{"sessionid": []byte(session.ID)}).One(mg)
	if err == nil {
		err = securecookie.DecodeMulti(session.Name(),
			string(mg.Encoded), &session.Values, s.Codecs...)
	}
	return err
}
Exemplo n.º 5
0
// New returns a session for the given name without adding it to the registry.
//
// The difference between New() and Get() is that calling New() twice will
// decode the session data twice, while Get() registers and reuses the same
// decoded session after the first call.
func (s *CookieStore) New(r *http.Request, name string) (*Session, error) {
	session := NewSession(s, name)
	session.IsNew = true
	var err error
	if c, errCookie := r.Cookie(name); errCookie == nil {
		err = securecookie.DecodeMulti(name, c.Value, &session.Values,
			s.Codecs...)
		if err == nil {
			session.IsNew = false
		}
	}
	return session, err
}
Exemplo n.º 6
0
// New returns a session for the given name without adding it to the registry.
//
// See CookieStore.New().
func (s *FilesystemStore) New(r *http.Request, name string) (*Session, error) {
	session := NewSession(s, name)
	session.Options = &(*s.Options)
	session.IsNew = true
	var err error
	if c, errCookie := r.Cookie(name); errCookie == nil {
		err = securecookie.DecodeMulti(name, c.Value, &session.ID, s.Codecs...)
		if err == nil {
			err = s.load(session)
			if err == nil {
				session.IsNew = false
			}
		}
	}
	return session, err
}
Exemplo n.º 7
0
// load reads a file and decodes its content into session.Values.
func (s *redisStore) load(session *sessions.Session) error {
	if session.Name() == "remember" {
		return nil
	}
	key := "session:" + session.ID
	se, rerr := RedisClient.Get(key)
	if rerr != nil {
		return rerr
	}
	ss := se.String()
	if ss == "" {
		return nil
	}
	err := securecookie.DecodeMulti(session.Name(), ss, &session.Values, s.Codecs...)
	if err != nil {
		return err
	}
	return nil
}
Exemplo n.º 8
0
// New returns a session for the given name without adding it to the registry.
//
// See CookieStore.New().
func (s *redisStore) New(r *http.Request, name string) (*sessions.Session, error) {
	var c *http.Cookie
	var err error
	c, err = r.Cookie(name)
	if err != nil && err != http.ErrNoCookie {
		return nil, err
	}
	var session *sessions.Session
	session = sessions.NewSession(s, name)
	session.IsNew = true

	if c != nil {
		securecookie.DecodeMulti(name, c.Value, &session.ID, s.Codecs...)
		s.load(session)
		if len(session.Values) > 0 {
			session.IsNew = false
		}
	}
	return session, nil
}