aclindsa
/
moneygo
mirror of https://github.com/aclindsa/moneygo.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #29 from aclindsa/sessions 

Sessions
This commit is contained in:
Aaron Lindsay 2017-11-19 20:53:39 -05:00 committed by GitHub
parent 56dcc5e1d7 ac5826daca
commit be0d9051d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
internal/handlers/sessions.go
View File

@ -16,6 +16,8 @@ type Session struct {
SessionId int64
SessionSecret string `json:"-"`
UserId int64
Created time.Time
Expires time.Time
}
func (s *Session) Write(w http.ResponseWriter) error {
@ -41,6 +43,11 @@ func GetSession(tx *Tx, r *http.Request) (*Session, error) {
if err != nil {
return nil, err
}
if s.Expires.Before(time.Now()) {
tx.Delete(&s)
return nil, fmt.Errorf("Session has expired")
}
return &s, nil
}
@ -81,6 +88,14 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
return nil, err
}
existing, err := tx.SelectInt("SELECT count(*) from sessions where SessionSecret=?", session_secret)
if err != nil {
return nil, err
}
if existing > 0 {
return nil, fmt.Errorf("%d session(s) exist with the generated session_secret", existing)
}
cookie := http.Cookie{
Name: "moneygo-session",
Value: session_secret,
@ -93,6 +108,8 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
s.SessionSecret = session_secret
s.UserId = userid
s.Created = time.Now()
s.Expires = cookie.Expires
err = tx.Insert(&s)
if err != nil {