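// UserLogin authenticates the credentials carried in the decoded request body
// and, on success, opens a new session and writes the login answer as JSON.
//
// Unknown usernames and wrong passwords get the same 401 body, so the response
// text does not reveal which usernames exist.
func UserLogin(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	// Fixed one-second delay on every call. It slows a single sequential
	// guesser but does not bound concurrent attempts.
	// NOTE(review): a per-account / per-source attempt limiter would be the
	// real rate limit.
	time.Sleep(1 * time.Second)

	// Checked assertion: a wrong or nil body must not panic the handler.
	l, isLogin := proute.Json.(*Userlogin)
	if !isLogin || l == nil {
		log.Printf("Login: unexpected request body type %T", proute.Json)
		ArkeoError(w, 400, "Bad request")
		return
	}

	tx, err := db.DB.Beginx()
	if err != nil {
		// Answer with an error instead of panicking inside the handler.
		log.Println("Can't start transaction for user login : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}

	user := model.User{
		Username: l.Username,
	}

	if err = user.Get(tx); err != nil {
		// %q quotes the client-supplied name so it cannot forge log lines.
		log.Printf("Login failed for user : %q (can't find this username)", l.Username)
		tx.Rollback()
		// NOTE(review): this path returns without calling user.Login; if Login
		// performs a costly hash comparison, the two 401 paths may differ in
		// timing. Confirm against model.User.Login.
		ArkeoError(w, 401, "Bad Username/Password")
		return
	}

	// Verify the submitted password against the loaded user.
	ok := user.Login(l.Password)
	if !ok {
		log.Printf("Login failed for user : %q (password mismatch)", l.Username)
		tx.Rollback()
		ArkeoError(w, 401, "Bad Username/Password")
		return
	}

	// Erase the password field before the struct is stored in the session.
	user.Password = ""

	log.Printf("Login %q => %v", user.Username, ok)

	token, s := session.NewSession()
	s.Values["user_id"] = user.Id
	s.Values["user"] = user

	// NOTE(review): if either step below fails, the session created above is
	// left registered although its token is never sent to the client; consider
	// destroying it on those paths.
	a, err := loginAnswer(w, tx, user, token)
	if err != nil {
		// Presumably loginAnswer has already written the error to w (it
		// receives w) — TODO confirm.
		log.Println("Login answer build failed : ", err)
		tx.Rollback()
		return
	}

	if err = tx.Commit(); err != nil {
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(a)
	if err != nil {
		log.Println("Login answer encoding failed : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}
	if _, err = w.Write(j); err != nil {
		log.Println("Login answer write failed : ", err)
	}
}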
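// UserLogout destroys the caller's session and replaces it with a fresh
// session bound to the anonymous user (Id 0). The login answer for that user
// is written back as JSON.
func UserLogout(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	// Fixed one-second delay on every call (the original "limit rate").
	time.Sleep(1 * time.Second)

	if u, found := proute.Session.Get("user"); found {
		user, isUser := u.(model.User)
		log.Printf("Logout %q => %v", user.Username, isUser)
	}

	// Invalidate the presented token first, so that a failure further down
	// never leaves the old session usable.
	oldToken := r.Header.Get("Authorization")
	session.DestroySession(oldToken)

	tx, err := db.DB.Beginx()
	if err != nil {
		// Answer with an error instead of panicking inside the handler.
		log.Println("Can't start transaction for user logout : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}

	// Load the anonymous user, which this code looks up by Id 0.
	user := model.User{
		Id: 0,
	}

	err = user.Get(tx)
	user.Password = "" // erase the password field before the struct is stored
	if err != nil {
		log.Println("Failed to load anonymous user : ", err)
		tx.Rollback()
		// NOTE(review): this is a server-side failure; status and message are
		// kept as-is because clients may depend on them.
		ArkeoError(w, 401, "Bad thing appned")
		return
	}

	log.Printf("Logout %q", user.Username)

	token, s := session.NewSession()
	s.Values["user_id"] = user.Id
	s.Values["user"] = user

	a, err := loginAnswer(w, tx, user, token)
	if err != nil {
		// Presumably loginAnswer has already written the error to w (it
		// receives w) — TODO confirm.
		log.Println("Login answer build failed : ", err)
		tx.Rollback()
		return
	}

	if err = tx.Commit(); err != nil {
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(a)
	if err != nil {
		log.Println("Logout answer encoding failed : ", err)
		ArkeoError(w, 500, "Internal error")
		return
	}
	if _, err = w.Write(j); err != nil {
		log.Println("Logout answer write failed : ", err)
	}
}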