snj

1. ///<script src="https://gist.github.com/mschoebel/9398202.js"></script>
2.  
3. package main
4.  
5. import (
6.     "fmt"
7.     "net/http"
8.  
9.     "github.com/gorilla/mux"
10.     "github.com/gorilla/securecookie"
11. )
12.  
13. // cookie handling
14.  
15. var cookieHandler = securecookie.New(
16.     securecookie.GenerateRandomKey(64),
17.     securecookie.GenerateRandomKey(32),
18. )
19.  
20. func getUserName(req *http.Request) (userID string) {
21.     cookie, err := req.Cookie("session")
22.     if err == nil {
23.         cookieValue := make(map[string]string)
24.         if err = cookieHandler.Decode("session", cookie.Value, &cookieValue); err == nil {
25.             userID = cookieValue["name"]
26.         }
27.     }
28.     return userID
29. }
30.  
31. func setSession(userID string, res http.ResponseWriter) {
32.     value := map[string]string{
33.         "name": userID,
34.     }
35.     encoded, err := cookieHandler.Encode("session", value)
36.     if err == nil {
37.         cookie := &http.Cookie{
38.             Name:  "session",
39.             Value: encoded,
40.             Path:  "/",
41.         }
42.         http.SetCookie(res, cookie)
43.     }
44. }
45.  
46. func clearSession(res http.ResponseWriter) {
47.     cookie := &http.Cookie{
48.         Name:   "session",
49.         Value:  "",
50.         Path:   "/",
51.         MaxAge: -1,
52.     }
53.     http.SetCookie(res, cookie)
54. }
55.  
56. // login handler
57.  
58. func loginHandler(response http.ResponseWriter, request *http.Request) {
59.     name := request.FormValue("name")
60.     pass := request.FormValue("password")
61.     redirectTarget := "/"
62.     if name != "" && pass != "" {
63.         // .. check credentials ..
64.         setSession(name, response)
65.         redirectTarget = "/internal"
66.     }
67.     http.Redirect(response, request, redirectTarget, 302)
68. }
69.  
70. // logout handler
71.  
72. func logoutHandler(response http.ResponseWriter, request *http.Request) {
73.     clearSession(response)
74.     http.Redirect(response, request, "/", 302)
75. }
76.  
77. // index page
78.  
79. const indexPage = `
80. <h1>Login</h1>
81. <form method="post" action="/login">
82.     <label for="name">User name</label>
83.     <input type="text" id="name" name="name">
84.     <label for="password">Password</label>
85.     <input type="password" id="password" name="password">
86.     <button type="submit">Login</button>
87. </form>
88. `
89.  
90. func indexPageHandler(response http.ResponseWriter, request *http.Request) {
91.     fmt.Fprintf(response, indexPage)
92. }
93.  
94. // internal page
95.  
96. const internalPage = `
97. <h1>Internal</h1>
98. <hr>
99. <small>User: %s</small>
100. <form method="post" action="/logout">
101.     <button type="submit">Logout</button>
102. </form>
103. `
104.  
105. func internalPageHandler(response http.ResponseWriter, request *http.Request) {
106.     userName := getUserName(request)
107.     if userName != "" {
108.         fmt.Fprintf(response, internalPage, userName)
109.     } else {
110.         http.Redirect(response, request, "/", 302)
111.     }
112. }
113.  
114. // server main method
115.  
116. var router = mux.NewRouter()
117.  
118. func main() {
119.  
120.     router.HandleFunc("/", indexPageHandler)
121.     router.HandleFunc("/internal", internalPageHandler)
122.  
123.     router.HandleFunc("/login", loginHandler).Methods("POST")
124.     router.HandleFunc("/logout", logoutHandler).Methods("POST")
125.  
126.     http.Handle("/", router)
127.     http.ListenAndServe(":9000", nil)
128. }