Exemplo n.º 1
0
func (a *AuthSession) add(s sign.Signer, w http.ResponseWriter) error {
	data, err := s.Sign(a)
	if err != nil {
		return err
	}
	http.SetCookie(w, &http.Cookie{
		Name:    "auth",
		Value:   data,
		Path:    "/",
		Expires: time.Now().AddDate(1, 0, 0),
	})
	return nil
}
Exemplo n.º 2
0
//ServeHTTP lets *Admin conform to the http.Handler interface for use in web servers.
func (a *Admin) ServeHTTP(w http.ResponseWriter, req *http.Request) {
	a.init()

	//strip off the prefix
	req.URL.Path = req.URL.Path[len(a.Prefix):]

	//if they're going to the auth handler, let them through
	if a.Auth == nil || strings.HasPrefix(req.URL.Path, a.Routes["auth"]) {
		a.server.ServeHTTP(w, req)
		return
	}

	//set up a redirect function to handle adding the redirect cookie
	//and sending them to the login handler
	redirect := func() {
		reverser := Reverser{a}
		http.SetCookie(w, &http.Cookie{
			Name:    "redirect",
			Value:   a.Prefix + req.URL.Path, //gotta put the prefix back in
			Path:    "/",
			Expires: time.Now().AddDate(1, 0, 0),
		})
		http.Redirect(w, req, reverser.Login(), http.StatusTemporaryRedirect)
	}

	signer := sign.Signer{a.Key}
	var session AuthSession

	cook, err := req.Cookie("auth")
	if err != nil {
		redirect()
		return
	}

	if err := signer.Unsign(cook.Value, &session, 0); err != nil {
		redirect()
		return
	}

	//store the auth session into our cache
	a.auth_cache[req] = session
	defer delete(a.auth_cache, req)

	a.server.ServeHTTP(w, req)
}