func (h *handler) makeSession(user auth.User) error {
if user == nil {
return base.HTTPErrorf(http.StatusUnauthorized, "Invalid login")
}
h.user = user
auth := h.db.Authenticator()
session, err := auth.CreateSession(user.Name(), kDefaultSessionTTL)
if err != nil {
return err
}
cookie := auth.MakeSessionCookie(session)
cookie.Path = "/" + h.db.Name + "/"
http.SetCookie(h.response, cookie)
return h.respondWithSessionInfo()
}
// Creates a session with TTL and adds to the response. Does NOT return the session info response.
func (h *handler) makeSessionWithTTL(user auth.User, expiry time.Duration) (sessionID string, err error) {
if user == nil {
return "", base.HTTPErrorf(http.StatusUnauthorized, "Invalid login")
}
h.user = user
auth := h.db.Authenticator()
session, err := auth.CreateSession(user.Name(), expiry)
if err != nil {
return "", err
}
cookie := auth.MakeSessionCookie(session)
base.AddDbPathToCookie(h.rq, cookie)
http.SetCookie(h.response, cookie)
return session.ID, nil
}