func Login(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) { // log.Println("route: login") var id uint64 if _, ok := sess.Values["id"]; ok { id = sess.Values["id"].(uint64) } if id == 0 { if r.Method != "POST" { body, tpl = loginForm(r) } else { id, err := authenticate(r) if err != nil { body, tpl = loginForm(r) } else { sess.Values["id"] = id fs := sess.Flashes("redirect") redirect = "/" if len(fs) > 0 { redirect = fs[0].(string) } } } } else { redirect = "/" } return }
func Reply(file string, w http.ResponseWriter, r *http.Request, session *sessions.Session) { buf := bufio.NewWriter(w) t, _ := template.ParseFiles(file) t.Execute(buf, session) session.Save(r, w) buf.Flush() }
// Save adds a single session to the response. func (s *redisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { var err error if session.ID == "" { var i uint64 i, err = NoeqClient.GenOne() if err != nil { return err } session.ID = strconv.FormatUint(i, 10) } if err = s.save(session); err != nil { return err } var encoded string encoded, err = securecookie.EncodeMulti(session.Name(), &session.ID, s.Codecs...) if err != nil { return err } options := s.Options if session.Options != nil { options = session.Options } cookie := &http.Cookie{ Name: session.Name(), Value: encoded, Path: options.Path, Domain: options.Domain, MaxAge: options.MaxAge, Secure: options.Secure, HttpOnly: options.HttpOnly, } http.SetCookie(w, cookie) context.DefaultContext.Clear(r) return nil }
func (s *MongoStore) load(session *sessions.Session) error { mg := &MgSessionTbl{SessionID: []byte(session.ID)} err := s.DBCollection.Find(bson.M{"sessionid": []byte(session.ID)}).One(mg) if err == nil { err = securecookie.DecodeMulti(session.Name(), string(mg.Encoded), &session.Values, s.Codecs...) } return err }
func Logout(r *http.Request, sess *sessions.Session) (body *shared.Body, tpl *template.Template, redirect string) { // log.Println("route: logout") sess.Values["id"] = uint64(0) redirect = "/" fs := sess.Flashes("last") if len(fs) != 0 { redirect = fs[0].(string) } return }
func (s *MongoStore) save(session *sessions.Session) error { encoded, err := securecookie.EncodeMulti(session.Name(), session.Values, s.Codecs...) if err != nil { return err } mg := &MgSessionTbl{ Encoded: encoded, SessionID: []byte(session.ID), Age: bson.Now(), } _, err = s.DBCollection.Upsert(bson.M{"sessionid": session.ID}, mg) return err }
// Save adds a single session to the response. func (s *DatastoreStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.ID == "" { session.ID = string(securecookie.GenerateRandomKey(32)) } if err := s.save(r, session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
func killSession(r *http.Request, w http.ResponseWriter, s *sessions.Session) error { d := make(chan bool) kills <- &sessionAction{"session:" + s.ID, 0, nil, d} f := <-d if !f { return cantKill } var opts = *sessionStore.Options opts.MaxAge = -1 s.Options = &opts // values for k, _ := range s.Values { delete(s.Values, k) } s.Save(r, w) return nil }
// load reads a file and decodes its content into session.Values. func (s *redisStore) load(session *sessions.Session) error { if session.Name() == "remember" { return nil } key := "session:" + session.ID se, rerr := RedisClient.Get(key) if rerr != nil { return rerr } ss := se.String() if ss == "" { return nil } err := securecookie.DecodeMulti(session.Name(), ss, &session.Values, s.Codecs...) if err != nil { return err } return nil }
// save writes encoded session.Values to a file. func (s *redisStore) save(session *sessions.Session) error { if session.Name() == "remember" { return nil } if len(session.Values) == 0 { // Don't need to write anything. return nil } encoded, err := securecookie.EncodeMulti(session.Name(), &session.Values, s.Codecs...) if err != nil { return err } d := make(chan bool) saves <- &sessionAction{"session:" + session.ID, int64(sessionExpire), encoded, d} f := <-d if !f { return cantSave } return nil }
// New returns a session for the given name without adding it to the registry. // // See CookieStore.New(). func (s *redisStore) New(r *http.Request, name string) (*sessions.Session, error) { var c *http.Cookie var err error c, err = r.Cookie(name) if err != nil && err != http.ErrNoCookie { return nil, err } var session *sessions.Session session = sessions.NewSession(s, name) session.IsNew = true if c != nil { securecookie.DecodeMulti(name, c.Value, &session.ID, s.Codecs...) s.load(session) if len(session.Values) > 0 { session.IsNew = false } } return session, nil }
func testSessionFlashes(t *testing.T, store sessions.Store) { defer context.Close() var req *http.Request var rsp *ResponseRecorder var hdr http.Header var err error var ok bool var cookies []string var session *sessions.Session var flashes []interface{} // Round 1 ---------------------------------------------------------------- req = getRequest() rsp = NewRecorder() // Get a session. if session, err = store.Get(req, "session-key"); err != nil { t.Fatalf("Error getting session: %v", err) } // Get a flash. flashes = session.Flashes() if len(flashes) != 0 { t.Errorf("Expected empty flashes; Got %v", flashes) } // Add some flashes. session.AddFlash("foo") session.AddFlash("bar") // Custom key. session.AddFlash("baz", "custom_key") // Save. if err = sessions.Save(req, rsp); err != nil { t.Fatalf("Error saving session: %v", err) } hdr = rsp.Header() cookies, ok = hdr["Set-Cookie"] if !ok || len(cookies) != 1 { t.Fatalf("No cookies. Header:", hdr) } // Round 2 ---------------------------------------------------------------- req = getRequest() req.Header.Add("Cookie", cookies[0]) rsp = NewRecorder() // Get a session. if session, err = store.Get(req, "session-key"); err != nil { t.Fatalf("Error getting session: %v", err) } // Check all saved values. flashes = session.Flashes() if len(flashes) != 2 { t.Fatalf("Expected flashes; Got %v", flashes) } if flashes[0] != "foo" || flashes[1] != "bar" { t.Errorf("Expected foo,bar; Got %v", flashes) } flashes = session.Flashes() if len(flashes) != 0 { t.Errorf("Expected dumped flashes; Got %v", flashes) } // Custom key. flashes = session.Flashes("custom_key") if len(flashes) != 1 { t.Errorf("Expected flashes; Got %v", flashes) } else if flashes[0] != "baz" { t.Errorf("Expected baz; Got %v", flashes) } flashes = session.Flashes("custom_key") if len(flashes) != 0 { t.Errorf("Expected dumped flashes; Got %v", flashes) } }