Add auto-login

2025-05-31 11:52:10 +00:00 · 2014-03-22 16:40:09 -04:00 · 2014-03-22 16:40:09 -04:00 · cb52f6d07d
commit cb52f6d07d
parent 59ffdbf6f8
6 changed files with 108 additions and 1 deletions
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@ -61,6 +61,7 @@ func (f *RegisterForm) Validate(errors *binding.Errors, req *http.Request, conte
 type LogInForm struct {
 	UserName string `form:"username" binding:"Required;AlphaDash;MaxSize(30)"`
 	Password string `form:"passwd" binding:"Required;MinSize(6);MaxSize(30)"`
+	Remember string `form:"remember"`
 }

 func (f *LogInForm) Name(field string) string {
--- a/modules/base/conf.go
+++ b/modules/base/conf.go
@ -38,6 +38,10 @@ var (
 	RunUser      string
 	RepoRootPath string

+	LogInRememberDays  int
+	CookieUserName     string
+	CookieRememberName string
+
 	Cfg         *goconfig.ConfigFile
 	MailService *Mailer

@ -252,6 +256,10 @@ func NewConfigContext() {
 	SecretKey = Cfg.MustValue("security", "SECRET_KEY")
 	RunUser = Cfg.MustValue("", "RUN_USER")

+	LogInRememberDays = Cfg.MustInt("security", "LOGIN_REMEMBER_DAYS")
+	CookieUserName = Cfg.MustValue("security", "COOKIE_USERNAME")
+	CookieRememberName = Cfg.MustValue("security", "COOKIE_REMEMBER_NAME")
+
 	PictureService = Cfg.MustValue("picture", "SERVICE")
 	PictureRootPath = Cfg.MustValue("picture", "PATH")

--- a/modules/middleware/context.go
+++ b/modules/middleware/context.go
@ -5,9 +5,14 @@
 package middleware

 import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
 	"fmt"
 	"html/template"
 	"net/http"
+	"strconv"
+	"strings"
 	"time"

 	"github.com/codegangsta/martini"
@ -155,6 +160,44 @@ func (ctx *Context) SetCookie(name string, value string, others ...interface{})
 	ctx.Res.Header().Add("Set-Cookie", cookie.String())
 }

+// Get secure cookie from request by a given key.
+func (ctx *Context) GetSecureCookie(Secret, key string) (string, bool) {
+	val := ctx.GetCookie(key)
+	if val == "" {
+		return "", false
+	}
+
+	parts := strings.SplitN(val, "|", 3)
+
+	if len(parts) != 3 {
+		return "", false
+	}
+
+	vs := parts[0]
+	timestamp := parts[1]
+	sig := parts[2]
+
+	h := hmac.New(sha1.New, []byte(Secret))
+	fmt.Fprintf(h, "%s%s", vs, timestamp)
+
+	if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
+		return "", false
+	}
+	res, _ := base64.URLEncoding.DecodeString(vs)
+	return string(res), true
+}
+
+// Set Secure cookie for response.
+func (ctx *Context) SetSecureCookie(Secret, name, value string, others ...interface{}) {
+	vs := base64.URLEncoding.EncodeToString([]byte(value))
+	timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
+	h := hmac.New(sha1.New, []byte(Secret))
+	fmt.Fprintf(h, "%s%s", vs, timestamp)
+	sig := fmt.Sprintf("%02x", h.Sum(nil))
+	cookie := strings.Join([]string{vs, timestamp, sig}, "|")
+	ctx.SetCookie(name, cookie, others...)
+}
+
 func (ctx *Context) CsrfToken() string {
 	if len(ctx.csrfToken) > 0 {
 		return ctx.csrfToken