Add expiration and creation times to sessions

Check expiration time when fetching sessions from cookies

internal/handlers/sessions.go

@@ -16,6 +16,8 @@ type Session struct {
 	SessionId     int64
 	SessionSecret string `json:"-"`
 	UserId        int64
+	Created       time.Time
+	Expires       time.Time
 }
 
 func (s *Session) Write(w http.ResponseWriter) error {
@@ -41,6 +43,11 @@ func GetSession(tx *Tx, r *http.Request) (*Session, error) {
 	if err != nil {
 		return nil, err
 	}
+
+	if s.Expires.Before(time.Now()) {
+		tx.Delete(&s)
+		return nil, fmt.Errorf("Session has expired")
+	}
 	return &s, nil
 }
 
@@ -86,7 +93,7 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
 		return nil, err
 	}
 	if existing > 0 {
-		return nil, fmt.Errorf("%d session(s) exist with the generated session_secret")
+		return nil, fmt.Errorf("%d session(s) exist with the generated session_secret", existing)
 	}
 
 	cookie := http.Cookie{
@@ -101,6 +108,8 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
 
 	s.SessionSecret = session_secret
 	s.UserId = userid
+	s.Created = time.Now()
+	s.Expires = cookie.Expires
 
 	err = tx.Insert(&s)
 	if err != nil {