Implemented Logout and improved sessions

author: Kevin Chabowski <kevin@kch42.de> 2013-08-30 13:46:34 +0200
committer: Kevin Chabowski <kevin@kch42.de> 2013-08-30 13:46:34 +0200
commit: bf1207d7f3a4e95124c5f1498f96fad298e496a6 (patch)
tree: ef6317abdddbbbf8da152b7f18d1f15720019381
parent: 5c0a901b1b3e522ed523e966feb9901b8c7e01ff (diff)
download: mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.tar.gz
mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.tar.bz2
mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.zip
3 files changed, 71 insertions, 5 deletions
diff --git a/login.go b/login.go
index f678216..e5d039d 100644
--- a/login.go
+++ b/login.go
@@ -40,6 +40,15 @@ func userFromSess(sess *sessions.Session) model.User {
 	return user
 }
 
+func getSess(req *http.Request) (*sessions.Session, error) {
+	sess, err := SessionStorage.Get(req, "mailremind-sess")
+	if err != nil {
+		sess, err = SessionStorage.New(req, "mailremind-sess")
+	}
+
+	return sess, err
+}
+
 func login(rw http.ResponseWriter, req *http.Request) {
 	outdata := &loginTpldata{}
 	defer func() {
@@ -48,9 +57,10 @@ func login(rw http.ResponseWriter, req *http.Request) {
 		}
 	}()
 
-	sess, err := SessionStorage.Get(req, "mailremind-sess")
+	sess, err := getSess(req)
 	if err != nil {
-		sess, _ = SessionStorage.New(req, "mailremind-sess")
+		outdata.Error = "Could not create a session. " + err.Error()
+		return
 	}
 	defer func() {
 		if err := sess.Save(req, rw); err != nil {
@@ -103,7 +113,7 @@ func login(rw http.ResponseWriter, req *http.Request) {
 }
 
 func logincheck(rw http.ResponseWriter, req *http.Request) {
-	sess, _ := SessionStorage.Get(req, "mailremind-sess")
+	sess, _ := getSess(req)
 	user := userFromSess(sess)
 	outdata := new(msgTpldata)
 	if user == nil {
@@ -113,3 +123,30 @@ func logincheck(rw http.ResponseWriter, req *http.Request) {
 	}
 	tplMsg.Execute(rw, outdata)
 }
+
+func logout(rw http.ResponseWriter, req *http.Request) {
+	outdata := &msgTpldata{Class: "error", Title: "Logout"}
+	defer func() {
+		if err := tplMsg.Execute(rw, outdata); err != nil {
+			log.Printf("Error executing template in login: %s", err)
+		}
+	}()
+
+	sess, err := getSess(req)
+	if err != nil {
+		outdata.Msg = "Could not create a session."
+		return
+	}
+	defer func() {
+		if err := sess.Save(req, rw); err != nil {
+			log.Printf("Error while saving session: %s", err)
+			outdata.Class = "error"
+			outdata.Msg = "Error while saving session."
+			return
+		}
+	}()
+
+	delete(sess.Values, "uid")
+	outdata.Class = "success"
+	outdata.Msg = "Your are now logged out."
+}
diff --git a/mailremind.ini b/mailremind.ini
index 2331919..af20b11 100644
--- a/mailremind.ini
+++ b/mailremind.ini
@@ -1,6 +1,11 @@
 [web]
 baseurl=http://localhost:8080
 
+[securecookies]
+# Both auth and crypt must only contain hexadecimal characters. For best security: 64 Hex chars
+auth=6e988360457b4f481a44a90515abeb53428aefdb6f99c34f23f631667b4542a8
+crypt=2a3b337386908b691e933f285b7b2f0b370abeed8e943fbd7be6d228d5fd6527
+
 [net]
 laddr=:8080
 
diff --git a/main.go b/main.go
index 8af1fc1..0289256 100644
--- a/main.go
+++ b/main.go
@@ -1,10 +1,10 @@
 package main
 
 import (
+	"encoding/hex"
 	"flag"
 	"fmt"
 	"github.com/gorilla/mux"
-	"github.com/gorilla/securecookie"
 	"github.com/gorilla/sessions"
 	"github.com/kch42/simpleconf"
 	_ "kch42.de/gostuff/mailremind/model/mysql"
@@ -19,7 +19,29 @@ func debug(rw http.ResponseWriter, req *http.Request) {
 var conf simpleconf.Config
 var baseurl string
 
-var SessionStorage = sessions.NewCookieStore(securecookie.GenerateRandomKey(32), securecookie.GenerateRandomKey(32))
+var SessionStorage sessions.Store
+
+func initSessions() {
+	_auth, err := conf.GetString("securecookies", "auth")
+	if err != nil {
+		log.Fatalf("Could not get securecookies.auth from config: %s", err)
+	}
+	auth, err := hex.DecodeString(_auth)
+	if err != nil {
+		log.Fatalf("Could not decode securecookies.auth as hex: %s", err)
+	}
+
+	_crypt, err := conf.GetString("securecookies", "crypt")
+	if err != nil {
+		log.Fatalf("Could not get securecookies.crypt from config: %s", err)
+	}
+	crypt, err := hex.DecodeString(_crypt)
+	if err != nil {
+		log.Fatalf("Could not decode securecookies.auth as hex: %s", err)
+	}
+
+	SessionStorage = sessions.NewCookieStore(auth, crypt)
+}
 
 func main() {
 	confpath := flag.String("config", "", "Path to config file")
@@ -34,6 +56,7 @@ func main() {
 		log.Fatalf("Could not get web.baseurl from config: %s", err)
 	}
 
+	initSessions()
 	initTpls()
 	loadTimeLocs()
 	initMailing()
@@ -57,6 +80,7 @@ func main() {
 	router.HandleFunc("/activate", activate)
 	router.HandleFunc("/login", login)
 	router.HandleFunc("/logincheck", logincheck)
+	router.HandleFunc("/logout", logout)
 
 	http.Handle("/", router)
author	Kevin Chabowski <kevin@kch42.de>	2013-08-30 13:46:34 +0200
committer	Kevin Chabowski <kevin@kch42.de>	2013-08-30 13:46:34 +0200
commit	bf1207d7f3a4e95124c5f1498f96fad298e496a6 (patch)
tree	ef6317abdddbbbf8da152b7f18d1f15720019381
parent	5c0a901b1b3e522ed523e966feb9901b8c7e01ff (diff)
download	mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.tar.gz mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.tar.bz2 mailremind-bf1207d7f3a4e95124c5f1498f96fad298e496a6.zip