Пример #1
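// handleLogin processes a submitted login form: it checks the CSRF token,
// authenticates the supplied username and password, and on success hands the
// request to l.auth.AuthenticationSucceeded together with the "then" value.
//
// Every rejection is reported through failed() with an error code. A request
// with an empty "then" value is redirected to "/" before any credentials are
// examined.
//
// NOTE(review): req.FormValue also accepts values from the URL query string.
// If credentials are meant to arrive in the request body only, PostFormValue
// is the stricter accessor; confirm how this route is registered.
func (l *Login) handleLogin(w http.ResponseWriter, req *http.Request) {
	// Keep the two CSRF outcomes apart in the log: a checker error and a
	// token that simply did not validate are different events, and logging
	// both through one "%v" line printed "<nil>" for the second.
	valid, csrfErr := l.csrf.Check(req, req.FormValue("csrf"))
	if csrfErr != nil {
		glog.Errorf("Unable to check CSRF token: %v", csrfErr)
		failed(errorCodeTokenExpired, w, req)
		return
	}
	if !valid {
		glog.Error("CSRF token was rejected for login request")
		failed(errorCodeTokenExpired, w, req)
		return
	}

	// "then" is supplied by the client and is forwarded unchanged below.
	// NOTE(review): nothing in this handler restricts it to a safe redirect
	// target; confirm AuthenticationSucceeded validates it.
	then := req.FormValue("then")
	if len(then) == 0 {
		http.Redirect(w, req, "/", http.StatusFound)
		return
	}

	username, password := req.FormValue("username"), req.FormValue("password")
	if username == "" {
		failed(errorCodeUserRequired, w, req)
		return
	}

	user, ok, err := l.auth.AuthenticatePassword(username, password)
	if err != nil {
		// %q keeps a hostile username from injecting line breaks into the log.
		glog.Errorf(`Error authenticating %q with provider %q: %v`, username, l.provider, err)
		failed(errorpage.AuthenticationErrorCode(err), w, req)
		return
	}
	if !ok {
		glog.V(4).Infof(`Login with provider %q failed for %q`, l.provider, username)
		failed(errorCodeAccessDenied, w, req)
		return
	}

	// NOTE(review): %#v prints every field of the returned user value; confirm
	// it carries nothing sensitive before running at this verbosity.
	glog.V(4).Infof(`Login with provider %q succeeded for %q: %#v`, l.provider, username, user)
	l.auth.AuthenticationSucceeded(user, then, w, req)
}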
Пример #2
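// handleLogin processes a submitted login form: it checks the CSRF token,
// authenticates the supplied username and password, and on success hands the
// request to l.auth.AuthenticationSucceeded together with the "then" value.
//
// Every rejection is reported through failed() with an error code.
//
// NOTE(review): req.FormValue also accepts values from the URL query string.
// If credentials are meant to arrive in the request body only, PostFormValue
// is the stricter accessor; confirm how this route is registered.
func (l *Login) handleLogin(w http.ResponseWriter, req *http.Request) {
	// Keep the two CSRF outcomes apart in the log: a checker error and a
	// token that simply did not validate are different events, and logging
	// both through one "%v" line printed "<nil>" for the second.
	valid, csrfErr := l.csrf.Check(req, req.FormValue("csrf"))
	if csrfErr != nil {
		glog.Errorf("Unable to check CSRF token: %v", csrfErr)
		failed(errorCodeTokenExpired, w, req)
		return
	}
	if !valid {
		glog.Error("CSRF token was rejected for login request")
		failed(errorCodeTokenExpired, w, req)
		return
	}

	// "then" is supplied by the client and is forwarded unchanged below, even
	// when it is empty.
	// NOTE(review): nothing in this handler restricts it to a safe redirect
	// target; confirm AuthenticationSucceeded validates it.
	then := req.FormValue("then")

	user, password := req.FormValue("username"), req.FormValue("password")
	if user == "" {
		failed(errorCodeUserRequired, w, req)
		return
	}

	// Named identity rather than context so the local does not shadow the
	// standard library package of that name.
	identity, ok, err := l.auth.AuthenticatePassword(user, password)
	if err != nil {
		glog.Errorf("Unable to authenticate password: %v", err)
		failed(errorpage.AuthenticationErrorCode(err), w, req)
		return
	}
	if !ok {
		// A denied login previously left no trace in the log. Record it at
		// verbose level so repeated failures can be reviewed; %q keeps a
		// hostile username from injecting line breaks into the log.
		glog.V(4).Infof("Login failed for %q", user)
		failed(errorCodeAccessDenied, w, req)
		return
	}

	l.auth.AuthenticationSucceeded(identity, then, w, req)
}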