| -rw-r--r-- | login.go | 43 | ||||
| -rw-r--r-- | mailremind.ini | 5 | ||||
| -rw-r--r-- | main.go | 28 | 
3 files changed, 71 insertions, 5 deletions
|
@@ -40,6 +40,15 @@ func userFromSess(sess *sessions.Session) model.User {
 	return user
 }
+func getSess(req *http.Request) (*sessions.Session, error) {
+	sess, err := SessionStorage.Get(req, "mailremind-sess")
+	if err != nil {
+		sess, err = SessionStorage.New(req, "mailremind-sess")
+	}
+
+	return sess, err
+}
+
 func login(rw http.ResponseWriter, req *http.Request) {
 	outdata := &loginTpldata{}
 	defer func() {
@@ -48,9 +57,10 @@ func login(rw http.ResponseWriter, req *http.Request) {
 		}
 	}()
-	sess, err := SessionStorage.Get(req, "mailremind-sess")
+	sess, err := getSess(req)
 	if err != nil {
-		sess, _ = SessionStorage.New(req, "mailremind-sess")
+		outdata.Error = "Could not create a session. " + err.Error()
+		return
 	}
 	defer func() {
 		if err := sess.Save(req, rw); err != nil {
@@ -103,7 +113,7 @@ func login(rw http.ResponseWriter, req *http.Request) {
 }
 func logincheck(rw http.ResponseWriter, req *http.Request) {
-	sess, _ := SessionStorage.Get(req, "mailremind-sess")
+	sess, _ := getSess(req)
 	user := userFromSess(sess)
 	outdata := new(msgTpldata)
 	if user == nil {
@@ -113,3 +123,30 @@ func logincheck(rw http.ResponseWriter, req *http.Request) {
 	}
 	tplMsg.Execute(rw, outdata)
 }
+
+func logout(rw http.ResponseWriter, req *http.Request) {
+	outdata := &msgTpldata{Class: "error", Title: "Logout"}
+	defer func() {
+		if err := tplMsg.Execute(rw, outdata); err != nil {
+			log.Printf("Error executing template in login: %s", err)
+		}
+	}()
+
+	sess, err := getSess(req)
+	if err != nil {
+		outdata.Msg = "Could not create a session."
+		return
+	}
+	defer func() {
+		if err := sess.Save(req, rw); err != nil {
+			log.Printf("Error while saving session: %s", err)
+			outdata.Class = "error"
+			outdata.Msg = "Error while saving session."
+			return
+		}
+	}()
+
+	delete(sess.Values, "uid")
+	outdata.Class = "success"
+	outdata.Msg = "Your are now logged out."
+}
diff --git a/mailremind.ini b/mailremind.ini
index 2331919..af20b11 100644
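Review bot: In login.go's getSess, retrying with `SessionStorage.New` after `Get` fails is unlikely to clear the error for a cookie that no longer verifies: as far as I know gorilla's CookieStore.New returns the same decode error, together with a fresh, usable session. Combined with the new early return in login, a browser holding a stale or tampered `mailremind-sess` cookie (for instance after the keys in mailremind.ini change) would be refused login until the cookie is removed. Consider continuing with the non-nil session and only logging the error, and keep the raw error text off the page: `outdata.Error = "Could not create a session."` plus `log.Printf("getSess: %s", err)`. logincheck discards the error with `sess, _ := getSess(req)` and so depends on that session being non-nil; login's body continues outside the hunk.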
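Review bot: logout in login.go changes session state without checking the request method, and the route added in main.go registers it for every method, so a plain cross-site GET is enough to log a user out; restricting it, e.g. `router.HandleFunc("/logout", logout).Methods("POST")`, closes that. Because the store is cookie-based, `delete(sess.Values, "uid")` only replaces the cookie in the browser; an earlier cookie value stays valid until it expires, so also setting `sess.Options.MaxAge = -1` and keeping the session lifetime short is worth considering. The deferred template log line still says "in login" and should read `log.Printf("Error executing template in logout: %s", err)`, and the success text should be "You are now logged out.".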
--- a/mailremind.ini
+++ b/mailremind.ini
@@ -1,6 +1,11 @@
 [web]
 baseurl=http://localhost:8080
+[securecookies]
+# Both auth and crypt must only contain hexadecimal characters. For best security: 64 Hex chars
+auth=6e988360457b4f481a44a90515abeb53428aefdb6f99c34f23f631667b4542a8
+crypt=2a3b337386908b691e933f285b7b2f0b370abeed8e943fbd7be6d228d5fd6527
+
 [net]
 laddr=:8080
@@ -1,10 +1,10 @@
 package main
 import (
+	"encoding/hex"
 	"flag"
 	"fmt"
 	"github.com/gorilla/mux"
-	"github.com/gorilla/securecookie"
 	"github.com/gorilla/sessions"
 	"github.com/kch42/simpleconf"
 	_ "kch42.de/gostuff/mailremind/model/mysql"
@@ -19,7 +19,29 @@ func debug(rw http.ResponseWriter, req *http.Request) {
 var conf simpleconf.Config
 var baseurl string
-var SessionStorage = sessions.NewCookieStore(securecookie.GenerateRandomKey(32), securecookie.GenerateRandomKey(32))
+var SessionStorage sessions.Store
+
+func initSessions() {
+	_auth, err := conf.GetString("securecookies", "auth")
+	if err != nil {
+		log.Fatalf("Could not get securecookies.auth from config: %s", err)
+	}
+	auth, err := hex.DecodeString(_auth)
+	if err != nil {
+		log.Fatalf("Could not decode securecookies.auth as hex: %s", err)
+	}
+
+	_crypt, err := conf.GetString("securecookies", "crypt")
+	if err != nil {
+		log.Fatalf("Could not get securecookies.crypt from config: %s", err)
+	}
+	crypt, err := hex.DecodeString(_crypt)
+	if err != nil {
+		log.Fatalf("Could not decode securecookies.auth as hex: %s", err)
+	}
+
+	SessionStorage = sessions.NewCookieStore(auth, crypt)
+}
 func main() {
 	confpath := flag.String("config", "", "Path to config file")
@@ -34,6 +56,7 @@ func main() {
 		log.Fatalf("Could not get web.baseurl from config: %s", err)
 	}
+	initSessions()
 	initTpls()
 	loadTimeLocs()
 	initMailing()
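Review bot: The committed mailremind.ini carries concrete `auth` and `crypt` values, so any installation that keeps the file as shipped signs and encrypts its session cookies with keys that are public in the repository, which defeats the integrity of the `uid` stored in the session. Ship the section with empty values (`auth=` and `crypt=`) and a comment on generating them from a cryptographic random source, and have startup reject empty keys. The comment could also state that 64 hex characters decode to 32 bytes, and any deployment that already used these values should rotate them.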
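Review bot: initSessions in main.go accepts whatever length the hex strings decode to, so an empty or very short `auth` value would be handed straight to `sessions.NewCookieStore` and weaken cookie integrity without any startup error; a check such as `if len(auth) < 32 { log.Fatalf("securecookies.auth must be at least 32 bytes (64 hex chars)") }` fails fast, and the crypt key should be checked for a valid AES length (16, 24 or 32 bytes). The second decode failure logs `securecookies.auth` while decoding `crypt`; it should read `log.Fatalf("Could not decode securecookies.crypt as hex: %s", err)`. `SessionStorage` is now nil until initSessions runs, so a short comment on the variable saying it is set by initSessions before any handler is served would help.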
@@ -57,6 +80,7 @@ func main() {
 	router.HandleFunc("/activate", activate)
 	router.HandleFunc("/login", login)
 	router.HandleFunc("/logincheck", logincheck)
+	router.HandleFunc("/logout", logout)
 	http.Handle("/", router) |
