
Update timeout functionality and add logout function for admin

pull/2/head
Tovi Jaeschke-Rogers 3 years ago
parent
commit
275a8a6dbe
2 changed files with 38 additions and 18 deletions
  1. +37
    -18
      Webserver/Admin.go
  2. +1
    -0
      Webserver/Webserver.go

+ 37
- 18
Webserver/Admin.go View File

@ -19,12 +19,12 @@ import (
func CheckAuth(w http.ResponseWriter, r *http.Request) bool { func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
var ( var (
session *sessions.Session
lastActiveUnix int64
lastActive time.Time
auth bool
exists bool
e error
session *sessions.Session
lastLoginUnix int64
lastLogin time.Time
auth bool
exists bool
e error
) )
session, e = Variables.CookieStore.Get(r, Variables.CookieName) session, e = Variables.CookieStore.Get(r, Variables.CookieName)
if e != nil { if e != nil {
@ -36,14 +36,14 @@ func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
return false return false
} }
lastActiveUnix, exists = session.Values["lastActive"].(int64)
lastLoginUnix, exists = session.Values["lastLogin"].(int64)
if !exists { if !exists {
return false return false
} }
lastActive = time.Unix(lastActiveUnix, 0)
lastLogin = time.Unix(lastLoginUnix, 0)
lastLogin = lastLogin.Add(3 * time.Hour)
lastActive.Add(12 * time.Hour)
if time.Now().Before(lastActive) {
if time.Now().After(lastLogin) {
session.Values = make(map[interface{}]interface{}) session.Values = make(map[interface{}]interface{})
session.Values["authenticated"] = false session.Values["authenticated"] = false
session.AddFlash("Login Expired") session.AddFlash("Login Expired")
@ -55,13 +55,6 @@ func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
return false return false
} }
session.Values["lastLogin"] = time.Now().Unix()
e = session.Save(r, w)
if e != nil {
log.Println(e.Error())
return false
}
return true return true
} }
@ -123,6 +116,32 @@ func comparePasswords(hashedPwd, plainPwd string) bool {
return true return true
} }
func AdminLogout(w http.ResponseWriter, r *http.Request) {
var (
session *sessions.Session
e error
)
if !CheckAuth(w, r) {
http.Redirect(w, r, "/admin/login", 302)
return
}
session, e = Variables.CookieStore.Get(r, Variables.CookieName)
if e != nil {
log.Println("Could not get session cookie")
http.Error(w, "Error", http.StatusInternalServerError)
return
}
session.Values["authenticated"] = false
session.Values["lastLogin"] = nil
session.Save(r, w)
http.Redirect(w, r, "/admin/logout", 302)
return
}
func AdminLogin(w http.ResponseWriter, r *http.Request) { func AdminLogin(w http.ResponseWriter, r *http.Request) {
var ( var (
session *sessions.Session session *sessions.Session
@ -182,7 +201,7 @@ func AdminLogin(w http.ResponseWriter, r *http.Request) {
} }
session.Values["authenticated"] = true session.Values["authenticated"] = true
session.Values["lastActive"] = time.Now().Unix()
session.Values["lastLogin"] = time.Now().Unix()
session.Save(r, w) session.Save(r, w)
http.Redirect(w, r, "/admin", 302) http.Redirect(w, r, "/admin", 302)
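Review bot: AdminLogout ignores the error from `session.Save(r, w)` and then redirects to `/admin/logout`, which is the handler's own route. If the save fails, the browser keeps a cookie that still carries `authenticated = true` while the user is sent on as if logged out; when it succeeds, the second request only reaches the login page because CheckAuth now fails. Check the save error and redirect straight to `/admin/login`, as below. If `Variables.CookieStore` keeps the session state in the cookie itself (not visible here), a previously issued cookie stays usable until its `lastLogin` plus three hours, so logout is not a server-side revocation; that is worth a comment on the function. The `session.Save(r, w)` in AdminLogin, in the last hunk, has the same unchecked error; that function's body starts and ends outside the hunk.

```go
	// … unchanged: CheckAuth guard and CookieStore.Get error handling …
	session.Values["authenticated"] = false
	session.Values["lastLogin"] = nil
	e = session.Save(r, w)
	if e != nil {
		// Do not report a logout that was never written to the cookie.
		log.Println(e.Error())
		http.Error(w, "Error", http.StatusInternalServerError)
		return
	}

	http.Redirect(w, r, "/admin/login", 302)
```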


+ 1
- 0
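--- a/Webserver/Webserver.go
+++ b/Webserver/Webserver.go
@@ -65,6 +65,7 @@ func Start() error {
 // Administration
 r.HandleFunc("/admin", AdminView)
 r.HandleFunc("/admin/login", AdminLogin)
+r.HandleFunc("/admin/logout", AdminLogout)
 r.HandleFunc("/admin/post/new", AdminNewPost)
 r.HandleFunc("/admin/post/{id}/edit", AdminEditPost)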
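Review bot: The new `/admin/logout` route is registered for every HTTP method, and AdminLogout as added in Webserver/Admin.go does not check `r.Method`, so a cross-site GET is enough to end the admin session. If `r` is a router with method matching (the `{id}` patterns suggest it is, but its type is not visible here), restrict the route with `r.HandleFunc("/admin/logout", AdminLogout).Methods("POST")` and have the logout control submit a form. Otherwise reject non-POST requests at the top of the handler. The body of Start continues outside the hunk.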

