func HttpWrapper(res http.ResponseWriter, req *http.Request, actions []string) (*controllers.BaseController, bool) {
switch req.Method {
case "POST":
if strings.Contains(req.Header.Get("Content-Type"), "multipart/form-data") {
req.ParseMultipartForm(10000000)
} else {
req.ParseForm()
}
}
c := &controllers.BaseController{}
s, err := sessions.Open("cloaka", req, res)
if err != nil {
http.Error(res, "Error creating session", 500)
}
c.Session = s
for _, action := range actions {
switch action {
case "guest":
if c.Session.GetValue("logged") != nil {
if c.Session.GetValue("logged").(string) != "false" {
http.Redirect(res, req, "/account/manage", 301)
return nil, false
}
}
case "csrf":
csrf := c.Session.GetValue("csrf")
if csrf == nil {
http.Redirect(res, req, req.URL.Path, 301)
return nil, false
}
if csrf.(string) != req.PostFormValue("token") {
http.Redirect(res, req, req.URL.Path, 301)
return nil, false
}
c.Session.SetValue("csrf", controllers.GenerateToken(12))
case "logged":
logged := c.Session.GetValue("logged")
if logged != "true" {
http.Redirect(res, req, fmt.Sprintf("/account/login?intended=%v", url.QueryEscape(req.URL.Path)), 301)
return nil, false
}
tkn := c.Session.GetValue("token")
if tkn == nil {
http.Redirect(res, req, fmt.Sprintf("/account/login?intended=%v", url.QueryEscape(req.URL.Path)), 301)
return nil, false
}
account := models.GetAccountByToken(tkn.(string))
if account.Name == "" {
http.Redirect(res, req, fmt.Sprintf("/account/login?intended=%v", url.QueryEscape(req.URL.Path)), 301)
return nil, false
}
c.Account = account
case "admin":
if c.Account.Admin == 0 {
return nil, false
}
}
}
return c, true
}
func CheckIfLogged(base *BaseController) bool {
logged := base.Session.GetValue("logged")
if logged != "true" {
return false
}
tkn := base.Session.GetValue("token")
if tkn == nil {
return false
}
account := models.GetAccountByToken(tkn.(string))
if account.Name == "" {
return false
}
return true
}
func (a *Module) isLogged(L *lua.LState) int {
logged := a.Session.GetValue("logged")
if logged != "true" {
L.Push(lua.LBool(false))
return 1
}
tkn := a.Session.GetValue("token")
if tkn == nil {
L.Push(lua.LBool(false))
return 1
}
account := models.GetAccountByToken(tkn.(string))
if account.Name == "" {
L.Push(lua.LBool(false))
return 1
}
accountTable := general.ParseStruct(account)
L.Push(accountTable)
return 1
}