authentication.go
package main
import (
"database/sql"
_ "github.com/mattn/go-sqlite3"
"math/rand"
"net/http"
"time"
)
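// login handles a submission of the login form served at index.html.
//
// It looks the submitted credentials up in general.db and, on a match,
// creates a server-side session (the id_, user_, time_ and type_ maps, keyed
// by session ID), sets the session cookie and redirects to the landing page
// for the user's type. Any failure redirects back to the login form with the
// "?err" marker.
//
// NOTE(review): the query compares the submitted password directly with the
// stored column, which implies passwords are kept unhashed in the users
// table. Storing a salted, slow password hash and verifying against it would
// limit the damage of a database leak; that needs a schema change outside
// this function.
//
// NOTE(review): the session ID is derived from math/rand seeded with the
// current time, so it is not unpredictable. sessionid should draw from
// crypto/rand; its signature is defined outside this file, so the call is
// left unchanged here.
func login(w http.ResponseWriter, r *http.Request) {
	loginFailed := "/" + first_page + ".html?err"

	// Parse both the URL query and the POST body; a malformed form is treated
	// as a failed login instead of being silently ignored.
	if err := r.ParseForm(); err != nil {
		Error.Println(err)
		http.Redirect(w, r, loginFailed, http.StatusFound)
		return
	}
	user := r.FormValue(name_username)
	pass := r.FormValue(name_password)

	dbgeneral, err := sql.Open("sqlite3", DirDB+"general.db")
	if err != nil {
		Error.Println(err)
		http.Redirect(w, r, loginFailed, http.StatusFound)
		return
	}
	defer dbgeneral.Close()

	var username, password string
	var id, tipo, status int

	// Placeholders keep the user-supplied values out of the SQL text.
	dbgen_mu.RLock()
	err = dbgeneral.QueryRow("SELECT id, username, password, type, status FROM users WHERE username = ? AND password = ?", user, pass).Scan(&id, &username, &password, &tipo, &status)
	dbgen_mu.RUnlock()
	if err != nil {
		// Includes sql.ErrNoRows, i.e. unknown user or wrong password.
		Error.Println(err)
		http.Redirect(w, r, loginFailed, http.StatusFound)
		return
	}

	// Re-check in Go so that a permissive column collation cannot turn a
	// near-match into a login.
	if username != user || password != pass {
		http.Redirect(w, r, loginFailed, http.StatusFound)
		return
	}
	// NOTE(review): status is read but never checked; if it marks disabled
	// accounts, it is not enforced here - confirm.

	aleat := rand.New(rand.NewSource(time.Now().UnixNano()))
	sid := sessionid(aleat, session_value_len)
	expiration := time.Now().Add(time.Duration(session_timeout) * time.Second)

	// Register the session before the cookie is handed out.
	mu_user.Lock()
	id_[sid] = id
	user_[sid] = username
	time_[sid] = expiration
	type_[sid] = tipo
	mu_user.Unlock()

	// HttpOnly keeps the session ID away from page scripts and SameSite=Lax
	// stops it from being attached to cross-site subrequests. Secure is not
	// set because this file does not show whether the site is served over
	// TLS; enable it when it is.
	http.SetCookie(w, &http.Cookie{
		Name:     CookieName,
		Value:    sid,
		Expires:  expiration,
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	// Types below 3 are superadmin or admin users; everyone else is a publisher.
	dest := "/" + enter_page
	if tipo < 3 {
		dest = "/" + enter_page_admin
	}
	http.Redirect(w, r, dest, http.StatusFound)
}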
// logout ends the caller's session and sends the browser back to the login
// page. When the request carries the session cookie, the cookie is expired
// (MaxAge -1) and the session ID is removed from the id_, user_, time_ and
// type_ maps under mu_user; without the cookie only the redirect happens.
//
// NOTE(review): the expiring cookie carries no Path, so the browser drops the
// session cookie only if the default path here matches the one in effect when
// login set it - confirm both handlers are served from the same directory.
func logout(w http.ResponseWriter, r *http.Request) {
	loginPage := "/" + first_page + ".html"

	if c, err := r.Cookie(CookieName); err == nil {
		// Tell the browser to discard the cookie.
		c.MaxAge = -1
		http.SetCookie(w, c)

		// Forget the server-side session so the ID cannot be reused.
		sid := c.Value
		mu_user.Lock()
		delete(id_, sid)
		delete(user_, sid)
		delete(time_, sid)
		delete(type_, sid)
		mu_user.Unlock()
	}

	http.Redirect(w, r, loginPage, http.StatusFound)
}