forked from mpnordland/coconut
/
session.go
69 lines (60 loc) · 1.45 KB
/
session.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package main
import (
"code.google.com/p/go.crypto/bcrypt"
"github.com/hoisie/web"
"math/rand"
"strconv"
"time"
)
type session struct{
id string
expiresOn time.Time
}
type SessionManager struct {
sessions []session
users map[string]string
}
func NewSessionManager(config *Config) *SessionManager {
return &SessionManager{make([]session, 0), config.Users}
}
func (sm *SessionManager) SessionExists(id string) bool {
for _, s := range sm.sessions {
if s.id == id && time.Now().Before(s.expiresOn) {
return true
}
}
return false
}
func (sm *SessionManager) removeExpired(){
w := 0
for _, s := range sm.sessions {
if time.Now().After(s.expiresOn) {
continue
}
sm.sessions[w] = s
w++
}
sm.sessions = sm.sessions[:w]
}
func (sm *SessionManager) LoggedIn(ctx *web.Context) bool {
if id, ok := ctx.GetSecureCookie("TDB-user"); ok && sm.SessionExists(id) {
return true
}
return false
}
func (sm *SessionManager) Login(ctx *web.Context, user, pass string) bool {
sm.removeExpired()
if sm.LoggedIn(ctx) {
return true
}
if pHash, ok := sm.users[user]; ok && bcrypt.CompareHashAndPassword([]byte(pHash), []byte(pass)) == nil {
s := session{makeSessionId(), time.Now().Add(2*time.Minute)}
sm.sessions = append(sm.sessions, s)
ctx.SetSecureCookie("TDB-user", s.id, 120)
return true
}
return false
}
func makeSessionId() string {
return strconv.Itoa(rand.Int())
}