// Login logs in a user by creating a new session record if there is a valid user/password combination.
func (auth *AuthService) Login(name string, password string) (models.Session, error) {
var err error
session := models.Session{}
user, err := auth.UserDAO.GetByName(name)
if err != nil {
log.Println(err)
return session, err
}
err = bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password))
if err != nil {
log.Println(err)
return session, err
}
// If no error occured. We want to generate a new session token
session.UserID = user.ID
// Consider the session expired after 30 days
session.ExpiresAt = time.Now().AddDate(0, 0, 30)
sessionID, err := auth.SessionDAO.Create(&session)
if err != nil {
return session, err
}
session.ID = sessionID
return session, err
}
func (dao *SessionDAO) Create(session *m.Session) (string, error) {
session.CreatedAt = time.Now()
session.UpdatedAt = time.Now()
result, err := r.Table("sessions").Insert(session).RunWrite(dao.Session)
if err != nil {
log.Println(err)
}
session.ID = result.GeneratedKeys[0]
return session.ID, nil
}