1
0
mirror of https://github.com/aclindsa/moneygo.git synced 2024-12-27 07:52:28 -05:00

Merge pull request #19 from aclindsa/remove_gorilla

Remove 'gorilla' framework
This commit is contained in:
Aaron Lindsay 2017-10-03 11:27:54 -04:00 committed by GitHub
commit c1dc6a21e8
2 changed files with 37 additions and 24 deletions

View File

@ -4,7 +4,6 @@ package main
import ( import (
"flag" "flag"
"github.com/gorilla/context"
"log" "log"
"net" "net"
"net/http" "net/http"
@ -76,8 +75,8 @@ func main() {
log.Printf("Serving on port %d out of directory: %s", config.MoneyGo.Port, config.MoneyGo.Basedir) log.Printf("Serving on port %d out of directory: %s", config.MoneyGo.Port, config.MoneyGo.Basedir)
if config.MoneyGo.Fcgi { if config.MoneyGo.Fcgi {
fcgi.Serve(listener, context.ClearHandler(servemux)) fcgi.Serve(listener, servemux)
} else { } else {
http.Serve(listener, context.ClearHandler(servemux)) http.Serve(listener, servemux)
} }
} }

View File

@ -1,16 +1,16 @@
package main package main
import ( import (
"crypto/rand"
"encoding/base64"
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/gorilla/securecookie" "io"
"github.com/gorilla/sessions"
"log" "log"
"net/http" "net/http"
"time"
) )
var cookie_store = sessions.NewCookieStore(securecookie.GenerateRandomKey(64))
type Session struct { type Session struct {
SessionId int64 SessionId int64
SessionSecret string `json:"-"` SessionSecret string `json:"-"`
@ -25,14 +25,13 @@ func (s *Session) Write(w http.ResponseWriter) error {
func GetSession(r *http.Request) (*Session, error) { func GetSession(r *http.Request) (*Session, error) {
var s Session var s Session
session, _ := cookie_store.Get(r, "moneygo") cookie, err := r.Cookie("moneygo-session")
_, ok := session.Values["session-secret"] if err != nil {
if !ok { return nil, fmt.Errorf("moneygo-session cookie not set")
return nil, fmt.Errorf("session-secret cookie not set")
} }
s.SessionSecret = session.Values["session-secret"].(string) s.SessionSecret = cookie.Value
err := DB.SelectOne(&s, "SELECT * from sessions where SessionSecret=?", s.SessionSecret) err = DB.SelectOne(&s, "SELECT * from sessions where SessionSecret=?", s.SessionSecret)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -46,27 +45,42 @@ func DeleteSessionIfExists(r *http.Request) {
} }
} }
func NewSessionCookie() (string, error) {
bits := make([]byte, 128)
if _, err := io.ReadFull(rand.Reader, bits); err != nil {
return "", err
}
return base64.StdEncoding.EncodeToString(bits), nil
}
func NewSession(w http.ResponseWriter, r *http.Request, userid int64) (*Session, error) { func NewSession(w http.ResponseWriter, r *http.Request, userid int64) (*Session, error) {
s := Session{} s := Session{}
session, _ := cookie_store.Get(r, "moneygo") session_secret, err := NewSessionCookie()
if err != nil {
return nil, err
}
session.Values["session-secret"] = string(securecookie.GenerateRandomKey(64)) cookie := http.Cookie{
s.SessionSecret = session.Values["session-secret"].(string) Name: "moneygo-session",
Value: session_secret,
Path: "/",
Domain: r.URL.Host,
Expires: time.Now().AddDate(0, 1, 0), // a month from now
Secure: true,
HttpOnly: true,
}
http.SetCookie(w, &cookie)
s.SessionSecret = session_secret
s.UserId = userid s.UserId = userid
err := DB.Insert(&s) err = DB.Insert(&s)
if err != nil { if err != nil {
return nil, err return nil, err
} }
err = session.Save(r, w)
if err != nil {
return nil, err
} else {
return &s, nil return &s, nil
} }
}
func SessionHandler(w http.ResponseWriter, r *http.Request) { func SessionHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" || r.Method == "PUT" { if r.Method == "POST" || r.Method == "PUT" {