writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 Commits
45 Branches
107 MiB
 
 
 
 
 
Tree: ebeacff43c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ebeacff43c'
${ noResults }
writefreely/session.go

129 lines
2.8 KiB
Raw Blame History 

  1. package writefreely

  2. 

  3. import (

  4. 	"encoding/gob"

  5. 	"github.com/gorilla/sessions"

  6. 	"github.com/writeas/web-core/log"

  7. 	"net/http"

  8. 	"strings"

  9. )

  10. 

  11. const (

  12. 	day           = 86400

  13. 	sessionLength = 180 * day

  14. 	cookieName    = "wfu"

  15. 	cookieUserVal = "u"

  16. 

  17. 	blogPassCookieName = "ub"

  18. )

  19. 

  20. // initSession creates the cookie store. It depends on the keychain already

  21. // being loaded.

  22. func initSession(app *app) *sessions.CookieStore {

  23. 	// Register complex data types we'll be storing in cookies

  24. 	gob.Register(&User{})

  25. 

  26. 	// Create the cookie store

  27. 	store := sessions.NewCookieStore(app.keys.cookieAuthKey, app.keys.cookieKey)

  28. 	store.Options = &sessions.Options{

  29. 		Path:     "/",

  30. 		MaxAge:   sessionLength,

  31. 		HttpOnly: true,

  32. 		Secure:   strings.HasPrefix(app.cfg.App.Host, "https://"),

  33. 	}

  34. 	return store

  35. }

  36. 

  37. func getSessionFlashes(app *app, w http.ResponseWriter, r *http.Request, session *sessions.Session) ([]string, error) {

  38. 	var err error

  39. 	if session == nil {

  40. 		session, err = app.sessionStore.Get(r, cookieName)

  41. 		if err != nil {

  42. 			return nil, err

  43. 		}

  44. 	}

  45. 

  46. 	f := []string{}

  47. 	if flashes := session.Flashes(); len(flashes) > 0 {

  48. 		for _, flash := range flashes {

  49. 			if str, ok := flash.(string); ok {

  50. 				f = append(f, str)

  51. 			}

  52. 		}

  53. 	}

  54. 	saveUserSession(app, r, w)

  55. 

  56. 	return f, nil

  57. }

  58. 

  59. func addSessionFlash(app *app, w http.ResponseWriter, r *http.Request, m string, session *sessions.Session) error {

  60. 	var err error

  61. 	if session == nil {

  62. 		session, err = app.sessionStore.Get(r, cookieName)

  63. 	}

  64. 

  65. 	if err != nil {

  66. 		log.Error("Unable to add flash '%s': %v", m, err)

  67. 		return err

  68. 	}

  69. 

  70. 	session.AddFlash(m)

  71. 	saveUserSession(app, r, w)

  72. 	return nil

  73. }

  74. 

  75. func getUserAndSession(app *app, r *http.Request) (*User, *sessions.Session) {

  76. 	session, err := app.sessionStore.Get(r, cookieName)

  77. 	if err == nil {

  78. 		// Got the currently logged-in user

  79. 		val := session.Values[cookieUserVal]

  80. 		var u = &User{}

  81. 		var ok bool

  82. 		if u, ok = val.(*User); ok {

  83. 			return u, session

  84. 		}

  85. 	}

  86. 

  87. 	return nil, nil

  88. }

  89. 

  90. func getUserSession(app *app, r *http.Request) *User {

  91. 	u, _ := getUserAndSession(app, r)

  92. 	return u

  93. }

  94. 

  95. func saveUserSession(app *app, r *http.Request, w http.ResponseWriter) error {

  96. 	session, err := app.sessionStore.Get(r, cookieName)

  97. 	if err != nil {

  98. 		return ErrInternalCookieSession

  99. 	}

  100. 

  101. 	// Extend the session

  102. 	session.Options.MaxAge = int(sessionLength)

  103. 

  104. 	// Remove any information that accidentally got added

  105. 	// FIXME: find where Plan information is getting saved to cookie.

  106. 	val := session.Values[cookieUserVal]

  107. 	var u = &User{}

  108. 	var ok bool

  109. 	if u, ok = val.(*User); ok {

  110. 		session.Values[cookieUserVal] = u.Cookie()

  111. 	}

  112. 

  113. 	err = session.Save(r, w)

  114. 	if err != nil {

  115. 		log.Error("Couldn't saveUserSession: %v", err)

  116. 	}

  117. 	return err

  118. }

  119. 

  120. func getFullUserSession(app *app, r *http.Request) *User {

  121. 	u := getUserSession(app, r)

  122. 	if u == nil {

  123. 		return nil

  124. 	}

  125. 

  126. 	u, _ = app.db.GetUserByID(u.ID)

  127. 	return u

  128. }