aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdam Mathes <adam@trenchant.org>2017-01-26 20:09:14 -0800
committerAdam Mathes <adam@trenchant.org>2017-01-26 20:09:14 -0800
commit857ac6caf70eff11f0770972a7619e4e3229a39c (patch)
treec465f220e7ab8b693043633dc62843a871531788
parent5ee33b579113eb49a061b79be35f683b09e2694d (diff)
downloadneko-857ac6caf70eff11f0770972a7619e4e3229a39c.tar.gz
neko-857ac6caf70eff11f0770972a7619e4e3229a39c.tar.bz2
neko-857ac6caf70eff11f0770972a7619e4e3229a39c.zip
better cookie handling
-rw-r--r--cmd/nekocrawl.go14
-rw-r--r--cmd/nekoweb.go14
-rw-r--r--web/web.go13
3 files changed, 6 insertions, 35 deletions
diff --git a/cmd/nekocrawl.go b/cmd/nekocrawl.go
deleted file mode 100644
index 2852e4f..0000000
--- a/cmd/nekocrawl.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package main
-
-import (
- "neko/config"
- "neko/crawler"
- "neko/models"
- "os"
-)
-
-func main() {
- config.Read(os.Args[1])
- models.InitDB(config.Config.DBServer)
- crawler.Crawl()
-}
diff --git a/cmd/nekoweb.go b/cmd/nekoweb.go
deleted file mode 100644
index 0904a61..0000000
--- a/cmd/nekoweb.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package main
-
-import (
- "neko/config"
- "neko/models"
- "neko/web"
- "os"
-)
-
-func main() {
- config.Read(os.Args[1])
- models.InitDB(config.Config.DBServer)
- web.Serve()
-}
diff --git a/web/web.go b/web/web.go
index c5440cf..2cb9669 100644
--- a/web/web.go
+++ b/web/web.go
@@ -97,6 +97,7 @@ func feedHandler(w http.ResponseWriter, r *http.Request) {
}
var AuthCookie = "auth"
+var SecondsInAYear = 60*60*24*365
func loginHandler(w http.ResponseWriter, r *http.Request) {
switch r.Method {
@@ -106,11 +107,11 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
password := r.FormValue("password")
if password == config.Config.DigestPassword {
v,_ := bcrypt.GenerateFromPassword([]byte(password), 0)
- c := http.Cookie{ Name: AuthCookie, Value: string(v), Path: "/", MaxAge: 5000, HttpOnly:false }
+ c := http.Cookie{ Name: AuthCookie, Value: string(v), Path: "/", MaxAge: SecondsInAYear, HttpOnly:false }
http.SetCookie(w, &c)
- fmt.Fprintf(w, "you are logged in")
+ http.Redirect(w, r, "/", 307)
} else {
- http.Error(w, "nope", 401)
+ http.Error(w, "bad login", 401)
}
default:
http.Error(w, "nope", 500)
@@ -120,16 +121,14 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
func logoutHandler(w http.ResponseWriter, r *http.Request) {
c := http.Cookie{ Name: AuthCookie, MaxAge: 0, Path: "/", HttpOnly:false }
http.SetCookie(w, &c)
- fmt.Fprintf(w, "you are logged in")
+ fmt.Fprintf(w, "you are logged out")
}
func Authenticated(r *http.Request) bool {
pc,err := r.Cookie("auth")
- log.Printf("%v", pc)
if err != nil {
return false
}
-
err = bcrypt.CompareHashAndPassword( []byte(pc.Value), []byte(config.Config.DigestPassword) )
if err == nil {
return true
@@ -142,7 +141,7 @@ func AuthWrap(wrapped http.HandlerFunc) http.HandlerFunc {
if Authenticated(r) {
wrapped(w, r)
} else {
- http.Error(w, "nope", 401)
+ http.Redirect(w, r, "/login/", 307)
}
}
}