From 857ac6caf70eff11f0770972a7619e4e3229a39c Mon Sep 17 00:00:00 2001
From: Adam Mathes <adam@trenchant.org>
Date: Thu, 26 Jan 2017 20:09:14 -0800
Subject: better cookie handling

---
 cmd/nekocrawl.go | 14 --------------
 cmd/nekoweb.go   | 14 --------------
 web/web.go       | 13 ++++++-------
 3 files changed, 6 insertions(+), 35 deletions(-)
 delete mode 100644 cmd/nekocrawl.go
 delete mode 100644 cmd/nekoweb.go

diff --git a/cmd/nekocrawl.go b/cmd/nekocrawl.go
deleted file mode 100644
index 2852e4f..0000000
--- a/cmd/nekocrawl.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package main
-
-import (
-	"neko/config"
-	"neko/crawler"
-	"neko/models"
-	"os"
-)
-
-func main() {
-	config.Read(os.Args[1])
-	models.InitDB(config.Config.DBServer)
-	crawler.Crawl()
-}
diff --git a/cmd/nekoweb.go b/cmd/nekoweb.go
deleted file mode 100644
index 0904a61..0000000
--- a/cmd/nekoweb.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package main
-
-import (
-	"neko/config"
-	"neko/models"
-	"neko/web"
-	"os"
-)
-
-func main() {
-	config.Read(os.Args[1])
-	models.InitDB(config.Config.DBServer)
-	web.Serve()
-}
diff --git a/web/web.go b/web/web.go
index c5440cf..2cb9669 100644
--- a/web/web.go
+++ b/web/web.go
@@ -97,6 +97,7 @@ func feedHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 var AuthCookie = "auth"
+var SecondsInAYear = 60*60*24*365
 
 func loginHandler(w http.ResponseWriter, r *http.Request) {
 	switch r.Method {
@@ -106,11 +107,11 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
 		password := r.FormValue("password")	
 		if password == config.Config.DigestPassword {
 			v,_ := bcrypt.GenerateFromPassword([]byte(password), 0)
-			c := http.Cookie{ Name: AuthCookie, Value: string(v), Path: "/", MaxAge: 5000, HttpOnly:false }
+			c := http.Cookie{ Name: AuthCookie, Value: string(v), Path: "/", MaxAge: SecondsInAYear, HttpOnly:false }
 			http.SetCookie(w, &c)
-			fmt.Fprintf(w, "you are logged in")
+			http.Redirect(w, r, "/", 307)
 		} else {
-			http.Error(w, "nope", 401)
+			http.Error(w, "bad login", 401)
 		}		
 	default:
 		http.Error(w, "nope", 500)
@@ -120,16 +121,14 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
 func logoutHandler(w http.ResponseWriter, r *http.Request) {
 	c := http.Cookie{ Name: AuthCookie, MaxAge: 0, Path: "/", HttpOnly:false }
 	http.SetCookie(w, &c)
-	fmt.Fprintf(w, "you are logged in")
+	fmt.Fprintf(w, "you are logged out")
 }
 
 func Authenticated(r *http.Request) bool {
 	pc,err := r.Cookie("auth")
-	log.Printf("%v", pc)
 	if err != nil {
 		return false
 	}
-
 	err = bcrypt.CompareHashAndPassword( []byte(pc.Value), []byte(config.Config.DigestPassword) )
 	if err == nil {
 		return true
@@ -142,7 +141,7 @@ func AuthWrap(wrapped http.HandlerFunc) http.HandlerFunc {
 		if Authenticated(r) {
 			wrapped(w, r)
 		} else {
-			http.Error(w, "nope", 401)
+			http.Redirect(w, r, "/login/", 307)
 		}
 	}
 }
-- 
cgit v1.2.3