all repos — quartzgun @ ab1d495514f563edfca8ae5bf9a4c8418536957a

lightweight web framework in go

auth/auth.go (raw)

package auth

import (
	"net/http"
	"nilfm.cc/git/quartzgun/cookie"
	"time"
)

// User is the record this package keeps for one account: its credentials,
// the current session value and two timestamps, plus a free-form key/value
// bag. Nothing in this file constructs or reads a User directly; UserStore
// implementations presumably do (confirm against the concrete stores).
type User struct {
	// Name is the account name.
	Name      string
	// Pass is the password field.
	// NOTE(review): this file does not show whether Pass holds the plaintext
	// password or a derived hash; confirm every UserStore implementation
	// persists only a salted, slow hash here.
	Pass      string
	// Session is the session value associated with the user; presumably the
	// string returned by UserStore.InitiateSession (confirm).
	Session   string
	// LoginTime and LastSeen are timestamps; presumably the values returned
	// by GetLastLoginTime and GetLastTimeSeen (confirm).
	LoginTime time.Time
	LastSeen  time.Time

	// Data holds arbitrary per-user values. Login and Logout in this file
	// write the "csrfToken" key through UserStore.SetData, so that key is
	// presumably stored here (confirm).
	Data map[string]interface{}
}

// UserStore is the storage and credential-checking backend that Login and
// Logout depend on. This file only declares the contract; the behaviour of
// each method is defined by the implementation, so the notes below describe
// the signatures and how this file uses them, nothing more.
type UserStore interface {
	// InitiateSession takes a user name, a password and a ttl and returns a
	// string and an error. Login treats a nil error as successful
	// authentication and the string as the session value to put in the
	// "session" cookie. The unit of ttl is not visible here.
	InitiateSession(user string, password string, ttl int) (string, error)
	// ValidateUser reports whether sessionId is acceptable for user.
	// NOTE(review): implementations should compare session values in
	// constant time and enforce the ttl; confirm.
	ValidateUser(user string, sessionId string) (bool, error)
	// EndSession ends the session of user. Logout calls it before clearing
	// the cookies.
	EndSession(user string) error
	// AddUser creates an account from a user name and password.
	AddUser(user string, password string) error
	// DeleteUser removes the account named user.
	DeleteUser(user string) error
	// ChangePassword replaces oldPassword with newPassword for user;
	// presumably it fails when oldPassword does not match (confirm).
	ChangePassword(user string, oldPassword string, newPassword string) error
	// GetLastLoginTime returns a timestamp for user; presumably the time of
	// the most recent login (confirm).
	GetLastLoginTime(user string) (time.Time, error)
	// GetLastTimeSeen returns a timestamp for user; presumably the time of
	// the most recent validated request (confirm).
	GetLastTimeSeen(user string) (time.Time, error)
	// SetData stores value under key for user. Login and Logout use it to
	// store and clear the "csrfToken" key.
	SetData(user string, key string, value interface{}) error
	// GetData returns the value stored under key for user.
	GetData(user string, key string) (interface{}, error)
	// GrantToken takes a user name, a password and a ttl and returns a
	// string and an error; presumably a bearer token for non-cookie clients
	// (confirm). The unit of ttl is not visible here.
	GrantToken(user, password string, ttl int) (string, error)
	// ValidateToken reports whether token is acceptable.
	ValidateToken(token string) (bool, error)
	// ValidateTokenWithScopes reports whether token is acceptable for the
	// given scopes. The meaning of the map's keys and values is not visible
	// in this file.
	ValidateTokenWithScopes(token string, scopes map[string]string) (bool, error)
}

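// Login authenticates user with password against userStore and, on success,
// writes the "user", "session" and "csrfToken" cookies to w.
//
// t is passed unchanged to InitiateSession as the session ttl and to
// cookie.StoreToken as its last argument; its unit is not visible in this
// file. The cookie attributes (HttpOnly, Secure, SameSite, ...) are decided
// inside cookie.StoreToken and should be reviewed there.
//
// The error from InitiateSession is returned as-is. The error from storing
// the CSRF token is returned as well: the server-side copy is what a later
// request would be checked against, so a failed write must not be reported
// as a successful login.
func Login(user string, password string, userStore UserStore, w http.ResponseWriter, t int) error {
	session, err := userStore.InitiateSession(user, password, t)
	if err != nil {
		return err
	}

	// Persist the CSRF token before any cookie is written, so that a store
	// failure leaves the response without session cookies instead of handing
	// the client a CSRF cookie the server has no record of.
	// NOTE(review): the session created above stays in the store on this
	// path; the client never receives it, and it presumably lapses with its
	// ttl (confirm against the UserStore implementation).
	csrfToken := cookie.GenToken(64)
	if err := userStore.SetData(user, "csrfToken", csrfToken); err != nil {
		return err
	}

	cookie.StoreToken("user", user, w, t)
	cookie.StoreToken("session", session, w, t)
	cookie.StoreToken("csrfToken", csrfToken, w, t)
	return nil
}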

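// Logout ends the session of user in userStore and, when that succeeds,
// overwrites the "user", "session" and "csrfToken" cookies on w with empty
// values and a 0 last argument, then clears the stored "csrfToken" value.
//
// If EndSession fails, its error is returned and neither the cookies nor the
// stored CSRF token are touched. If clearing the stored CSRF token fails,
// that error is returned after the cookies have already been overwritten, so
// the caller learns that a stale token is still in the store.
func Logout(user string, userStore UserStore, w http.ResponseWriter) error {
	if err := userStore.EndSession(user); err != nil {
		return err
	}

	// presumably an empty value with 0 makes the browser drop the cookie;
	// the exact effect is defined in cookie.StoreToken (confirm).
	cookie.StoreToken("user", "", w, 0)
	cookie.StoreToken("session", "", w, 0)
	cookie.StoreToken("csrfToken", "", w, 0)

	// Surface a failed server-side cleanup instead of discarding it.
	return userStore.SetData(user, "csrfToken", "")
}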