func LoginPost(c *middleware.Context, cmd dtos.LoginCommand) Response { authQuery := login.LoginUserQuery{ Username: cmd.User, Password: cmd.Password, } if err := bus.Dispatch(&authQuery); err != nil { if err == login.ErrInvalidCredentials { return ApiError(401, "Invalid username or password", err) } return ApiError(500, "Error while trying to authenticate user", err) } user := authQuery.User loginUserWithUser(user, c) result := map[string]interface{}{ "message": "Logged in", } if redirectTo, _ := url.QueryUnescape(c.GetCookie("redirect_to")); len(redirectTo) > 0 { result["redirectUrl"] = redirectTo c.SetCookie("redirect_to", "", -1, setting.AppSubUrl+"/") } metrics.M_Api_Login_Post.Inc(1) return Json(200, result) }
func tryLoginUsingRememberCookie(c *middleware.Context) bool { // Check auto-login. uname := c.GetCookie(setting.CookieUserName) if len(uname) == 0 { return false } isSucceed := false defer func() { if !isSucceed { log.Trace("auto-login cookie cleared: %s", uname) c.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl+"/") c.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl+"/") return } }() userQuery := m.GetUserByLoginQuery{LoginOrEmail: uname} if err := bus.Dispatch(&userQuery); err != nil { return false } user := userQuery.Result // validate remember me cookie if val, _ := c.GetSuperSecureCookie( util.EncodeMd5(user.Rands+user.Password), setting.CookieRememberName); val != user.Login { return false } isSucceed = true loginUserWithUser(user, c) return true }
func LoginView(c *middleware.Context) { if err := setIndexViewData(c); err != nil { c.Handle(500, "Failed to get settings", err) return } settings := c.Data["Settings"].(map[string]interface{}) settings["googleAuthEnabled"] = setting.OAuthService.Google settings["githubAuthEnabled"] = setting.OAuthService.GitHub settings["disableUserSignUp"] = !setting.AllowUserSignUp settings["loginHint"] = setting.LoginHint if !tryLoginUsingRememberCookie(c) { c.HTML(200, VIEW_INDEX) return } if redirectTo, _ := url.QueryUnescape(c.GetCookie("redirect_to")); len(redirectTo) > 0 { c.SetCookie("redirect_to", "", -1, setting.AppSubUrl+"/") c.Redirect(redirectTo) return } c.Redirect(setting.AppSubUrl + "/") }
func loginUserWithUser(user *m.User, c *middleware.Context) { if user == nil { log.Error(3, "User login with nil user") } days := 86400 * setting.LogInRememberDays c.SetCookie(setting.CookieUserName, user.Login, days, setting.AppSubUrl+"/") c.SetSuperSecureCookie(util.EncodeMd5(user.Rands+user.Password), setting.CookieRememberName, user.Login, days, setting.AppSubUrl+"/") c.Session.Set(middleware.SESS_KEY_USERID, user.Id) }
func Logout(c *middleware.Context) { c.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl+"/") c.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl+"/") c.Session.Destory(c) c.Redirect(setting.AppSubUrl + "/login") }