示例#1
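// Session logs a user in. It exchanges the submitted username and password
// for an OAuth2 token pair (Resource Owner Password Credentials Grant), stores
// that pair in Redis under a freshly generated session id, and hands the id to
// the browser in the "SID" cookie so the gateway can later look the tokens up
// from the cookie and authenticate the user.
//
// Only the opaque session id is sent to the browser; the access and refresh
// tokens stay server-side. Every failure path writes a response, and the
// session id is never written to logs or stdout.
func Session(w http.ResponseWriter, req *http.Request) {
	if err := req.ParseForm(); err != nil {
		logs.Error(err)
		jsonapi.Error(w, req, "Bad Request", http.StatusBadRequest)
		return
	}

	// NOTE(review): FormValue also reads the URL query string, so credentials
	// sent as query parameters are accepted here and may end up in access
	// logs. Consider PostFormValue plus a method check once callers are
	// confirmed to POST a body.
	if req.FormValue("username") == "" || req.FormValue("password") == "" {
		jsonapi.Error(w, req, "Bad Request", http.StatusBadRequest)
		return
	}

	// Set (not Add) so a client-supplied grant_type cannot sit ahead of ours
	// in the encoded form and be picked up by the token endpoint instead.
	// NOTE(review): every other client-supplied field is still forwarded
	// as-is; an allow-list of forwarded fields would be tighter.
	req.Form.Set("grant_type", "password")

	body, err := ServiceBody(PostMethod, req, "OAuth2", "/oauth2/token", "application/x-www-form-urlencoded", []byte(req.Form.Encode()))
	if err != nil {
		logs.Error(err)
		// The token service call failed; answer explicitly instead of
		// returning an empty response, and keep the internal error text out
		// of the reply.
		jsonapi.Error(w, req, "Bad Gateway", http.StatusBadGateway)
		return
	}

	// TODO: Check http status for errors
	access := new(components.AccessData)
	if err := json.Unmarshal(body, access); err != nil {
		logs.Error(err)
		jsonapi.Error(w, req, err.Error(), http.StatusBadRequest)
		return
	}
	if access.AccessToken == "" {
		err := errors.New("wrong identifiers")
		logs.Error(err)
		jsonapi.Fail(w, req, err.Error(), http.StatusBadRequest)
		return
	}

	sid := strings.TrimRight(base64.StdEncoding.EncodeToString(uuid.NewRandom()), "=")
	if sid == "" {
		// Presumably uuid.NewRandom can yield an empty value when the random
		// source fails (confirm against the uuid package in use). An empty
		// id must never become a valid session key.
		logs.Error(errors.New("session id generation failed"))
		jsonapi.Error(w, req, "Internal Server Error", http.StatusInternalServerError)
		return
	}
	session := &components.Session{
		ID:           sid,
		AccessToken:  access.AccessToken,
		RefreshToken: access.RefreshToken,
		ExpiresIn:    access.ExpiresIn,
	}

	app := router.Context(req).Env["Application"].(*application.Application)
	store := app.Components["Redis"].(*components.RedisStore)
	if err := store.Save(session); err != nil {
		logs.Error(err)
		// A storage failure is a server-side fault; the raw error may carry
		// backend connection details, so it is logged but not returned.
		jsonapi.Error(w, req, "Internal Server Error", http.StatusInternalServerError)
		return
	}

	cookie := &http.Cookie{
		Name:  "SID",
		Value: session.ID,
		// NOTE(review): 356 days looks like a typo for 365, and the cookie
		// lifetime is not tied to access.ExpiresIn; confirm what lifetime the
		// store applies to the saved session.
		Expires: time.Now().Add(356 * 24 * time.Hour),
		// The id is a bearer credential: keep it away from page scripts.
		HttpOnly: true,
		// Mark Secure whenever this request arrived over TLS. Behind a
		// TLS-terminating proxy req.TLS is nil, so the flag then has to be
		// driven by deployment configuration instead. A SameSite attribute
		// is also worth adding where the Go version in use supports it.
		Secure: req.TLS != nil,
	}
	http.SetCookie(w, cookie)
	jsonapi.Success(w, req, "", http.StatusOK)
	// Log the cookie name only; printing the cookie itself would write the
	// session id to process output.
	logs.Debug(fmt.Sprintf("Session cookie %q set", cookie.Name))
}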
示例#2
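// DeleteSession logs the user out. It removes the session identified by the
// "SID" cookie from the Redis store and then tells the browser to discard the
// cookie.
//
// The server-side record is deleted first, so the id stops being usable even
// if the browser ignores the expiry instruction.
func DeleteSession(w http.ResponseWriter, req *http.Request) {
	current, err := req.Cookie("SID")
	if err != nil {
		// No session cookie: there is nothing to delete, but the client
		// still gets an explicit answer rather than an empty response.
		logs.Error(err)
		jsonapi.Error(w, req, "Bad Request", http.StatusBadRequest)
		return
	}

	app := router.Context(req).Env["Application"].(*application.Application)
	store := app.Components["Redis"].(*components.RedisStore)
	if err := store.Delete(current.Value); err != nil {
		logs.Error(err)
		// A storage failure is a server-side fault; the raw error may carry
		// backend connection details, so it is logged but not returned.
		jsonapi.Error(w, req, "Internal Server Error", http.StatusInternalServerError)
		return
	}

	// Expire the cookie with an empty value, a date well in the past and
	// MaxAge < 0. Echoing the old id back with Expires set to "now" would
	// resend the credential and depends on the client's clock.
	http.SetCookie(w, &http.Cookie{
		Name:     "SID",
		Value:    "",
		Expires:  time.Unix(0, 0),
		MaxAge:   -1,
		HttpOnly: true,
		Secure:   req.TLS != nil,
	})
	jsonapi.Success(w, req, "", http.StatusOK)
	logs.Debug("Cookie deleted")
}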