dispatch/server/auth.go

package server

import (
	"log"
	"net/http"
	"time"

	"github.com/khlieng/dispatch/storage"
)

const (
	cookieName = "dispatch"
)

func handleAuth(w http.ResponseWriter, r *http.Request) *Session {
	var session *Session

	cookie, err := r.Cookie(cookieName)
	if err != nil {
		authLog(r, "No cookie set")
		session = newUser(w, r)
	} else {
		session = sessions.get(cookie.Value)
		if session != nil {
			log.Println(r.RemoteAddr, "[Auth] GET", r.URL.Path, "| Valid token | User ID:", session.user.ID)
		} else {
			session = newUser(w, r)
		}
	}

	return session
}

func newUser(w http.ResponseWriter, r *http.Request) *Session {
	user, err := storage.NewUser()
	if err != nil {
		return nil
	}

	log.Println(r.RemoteAddr, "[Auth] Create session | User ID:", user.ID)

	session, err := NewSession(user)
	if err != nil {
		return nil
	}
	sessions.set(session)
	go session.run()

	http.SetCookie(w, &http.Cookie{
		Name:     cookieName,
		Value:    session.id,
		Path:     "/",
		Expires:  time.Now().AddDate(0, 1, 0),
		HttpOnly: true,
		Secure:   r.TLS != nil,
	})

	return session
}

func authLog(r *http.Request, s string) {
	log.Println(r.RemoteAddr, "[Auth] GET", r.URL.Path, "|", s)
}
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`package server`

			`import (`
			`"log"`
			`"net/http"`
Set auth cookie expiration 2016-01-19 19:31:22 +00:00			`"time"`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00
			`"github.com/khlieng/dispatch/storage"`
			`)`

Set long cache-control and add a hash to css and js urls, clean some things up 2016-01-25 05:01:40 +00:00			`const (`
			`cookieName = "dispatch"`
			`)`

Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`func handleAuth(w http.ResponseWriter, r http.Request) Session {`
			`var session *Session`

			`cookie, err := r.Cookie(cookieName)`
			`if err != nil {`
			`authLog(r, "No cookie set")`
			`session = newUser(w, r)`
			`} else {`
Use random session IDs instead of jwt 2018-04-26 19:32:21 +00:00			`session = sessions.get(cookie.Value)`
			`if session != nil {`
			`log.Println(r.RemoteAddr, "[Auth] GET", r.URL.Path, "\| Valid token \| User ID:", session.user.ID)`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`} else {`
			`session = newUser(w, r)`
			`}`
			`}`

			`return session`
			`}`

			`func newUser(w http.ResponseWriter, r http.Request) Session {`
Test message logging 2016-01-17 20:15:29 +00:00			`user, err := storage.NewUser()`
			`if err != nil {`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`return nil`
			`}`

			`log.Println(r.RemoteAddr, "[Auth] Create session \| User ID:", user.ID)`

Use random session IDs instead of jwt 2018-04-26 19:32:21 +00:00			`session, err := NewSession(user)`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`if err != nil {`
			`return nil`
			`}`
Use random session IDs instead of jwt 2018-04-26 19:32:21 +00:00			`sessions.set(session)`
			`go session.run()`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00
			`http.SetCookie(w, &http.Cookie{`
			`Name: cookieName,`
Use random session IDs instead of jwt 2018-04-26 19:32:21 +00:00			`Value: session.id,`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`Path: "/",`
Set auth cookie expiration 2016-01-19 19:31:22 +00:00			`Expires: time.Now().AddDate(0, 1, 0),`
Store auth info in a JWT token in a cookie 2016-01-15 01:27:30 +00:00			`HttpOnly: true,`
			`Secure: r.TLS != nil,`
			`})`

			`return session`
			`}`

			`func authLog(r *http.Request, s string) {`
			`log.Println(r.RemoteAddr, "[Auth] GET", r.URL.Path, "\|", s)`
			`}`