// makeSessionWithTTL creates a login session for user that lives for expiry,
// sets the session cookie on the response, and returns the new session's ID.
// Unlike makeSession it does NOT write the session-info response body.
//
// A nil user is rejected with a 401 "Invalid login" error before any session
// is created.
func (h *handler) makeSessionWithTTL(user auth.User, expiry time.Duration) (sessionID string, err error) {
	if user == nil {
		return "", base.HTTPErrorf(http.StatusUnauthorized, "Invalid login")
	}
	h.user = user

	// Use a distinct local name so the auth package is not shadowed.
	authenticator := h.db.Authenticator()
	newSession, createErr := authenticator.CreateSession(user.Name(), expiry)
	if createErr != nil {
		return "", createErr
	}

	// NOTE(review): the cookie's attributes (HttpOnly, Secure, expiry) come
	// from MakeSessionCookie, which is not visible here — confirm they are set.
	sessionCookie := authenticator.MakeSessionCookie(newSession)
	base.AddDbPathToCookie(h.rq, sessionCookie)
	http.SetCookie(h.response, sessionCookie)
	return newSession.ID, nil
}
// makeSession creates a session for user with the default lifetime
// (kDefaultSessionTTL), sets the session cookie on the response, and then
// writes the session-info response.
//
// A nil user yields a 401 "Invalid login" error and no session is created.
func (h *handler) makeSession(user auth.User) error {
	// Session creation and cookie issuance are delegated to makeSessionWithTTL
	// so both login paths go through a single implementation.
	if _, err := h.makeSessionWithTTL(user, kDefaultSessionTTL); err != nil {
		return err
	}
	return h.respondWithSessionInfo()
}
// AuthenticateCookie resolves the session cookie on rq to a User.
//
// It returns (nil, nil) when the request carries no session cookie or when no
// session document exists for the cookie's value. A user that is found but
// disabled is returned as nil. Other bucket or user-lookup errors are passed
// back to the caller.
//
// As a side effect, once more than 10% of the session's TTL has elapsed the
// session document is rewritten with a fresh expiration and the cookie is
// re-sent on response with the new expiry.
func (auth *Authenticator) AuthenticateCookie(rq *http.Request, response http.ResponseWriter) (User, error) {
	cookie, _ := rq.Cookie(CookieName)
	if cookie == nil {
		return nil, nil
	}

	// cookie.Value is client-controlled. NOTE(review): presumably
	// docIDForSession confines it to the session key space — confirm.
	var session LoginSession
	if _, err := auth.bucket.Get(docIDForSession(cookie.Value), &session); err != nil {
		if base.IsDocNotFoundError(err) {
			// Unknown session: treat as unauthenticated, not as an error.
			return nil, nil
		}
		return nil, err
	}

	// session.Expiration is deliberately not checked: the code relies on the
	// bucket having removed the document once its TTL passed.
	// NOTE(review): if a backing bucket does not enforce TTL, an expired
	// session would still authenticate here — confirm for every bucket type.

	// Sessions without a Ttl (probably created before upgrading SG) fall back
	// to the default of 24 hours.
	if session.Ttl == 0 {
		session.Ttl = kDefaultSessionTTL
	}
	ttl := session.Ttl

	// Expiration was set to (last refresh + ttl), so (now + ttl - Expiration)
	// is the time elapsed since the last refresh.
	elapsedSec := int(time.Now().Add(ttl).Sub(session.Expiration).Seconds())
	refreshThresholdSec := int(ttl.Seconds()) / 10

	// Refresh the session only after more than 10% of its TTL has elapsed.
	// NOTE(review): this runs before the user is loaded, so the session of a
	// disabled user is still extended — consider looking the user up first.
	if elapsedSec > refreshThresholdSec {
		session.Expiration = time.Now().Add(ttl)
		bucketTTLSec := int(ttl.Seconds())
		if err := auth.bucket.Set(docIDForSession(session.ID), bucketTTLSec, session); err != nil {
			return nil, err
		}

		// NOTE(review): cookie was parsed from the request, which carries only
		// its name and value; attributes such as HttpOnly or Secure are not
		// sent back by clients. Confirm the re-issued cookie ends up with the
		// same attributes MakeSessionCookie applies at login.
		base.AddDbPathToCookie(rq, cookie)
		cookie.Expires = session.Expiration
		http.SetCookie(response, cookie)
	}

	user, err := auth.GetUser(session.Username)
	if user == nil || !user.Disabled() {
		return user, err
	}
	// A disabled account must not authenticate, even with a live session.
	return nil, err
}