Audit changes.
@@ -134,14 +134,25 @@ func (a *API) Session_SignIn(pwd string) (Session, error) {
|
||||
defer a.sessionsMu.Unlock()
|
||||
s := &Session{
|
||||
SessionID: idgen.NewToken(),
|
||||
SignedIn: true,
|
||||
CreatedAt: time.Now(),
|
||||
LastSeenAt: time.Now(),
|
||||
}
|
||||
a.sessions[s.SessionID] = s
|
||||
return *s, nil
|
||||
}
|
||||
|
||||
func (a *API) Session_InvalidateAll() Session {
|
||||
a.sessionsMu.Lock()
|
||||
defer a.sessionsMu.Unlock()
|
||||
|
||||
clear(a.sessions)
|
||||
s := &Session{
|
||||
SessionID: idgen.NewToken(),
|
||||
LastSeenAt: time.Now(),
|
||||
}
|
||||
a.sessions[s.SessionID] = s
|
||||
return *s
|
||||
}
|
||||
|
||||
// sweepSessions periodically evicts sessions past their TTL. Without it, a
|
||||
// signed-in session whose ID is never presented again would linger forever
|
||||
// (Session_Get only evicts on a lookup of that same ID).
|
||||
|
||||
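Review bot: Session_InvalidateAll is exported but has no doc comment, and nothing in it says that the session it returns counts as signed in. The handler checks elsewhere in this commit treat any non-empty SessionID as authenticated, so this method hands out an authenticated session unconditionally after clearing the map. The doc comment should state that precondition, for example `// Session_InvalidateAll drops every session and returns one fresh signed-in session; call it only after the caller has authenticated the request.` Separately, the struct literals here set only LastSeenAt. If the TTL used by sweepSessions and Session_Get (both outside this hunk) is measured from LastSeenAt alone, a session that stays in use has no absolute lifetime, which is worth confirming as intended.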
@@ -11,7 +11,5 @@ type Peer = db.Peer
|
||||
|
||||
type Session struct {
|
||||
SessionID string
|
||||
SignedIn bool
|
||||
CreatedAt time.Time
|
||||
LastSeenAt time.Time
|
||||
}
|
||||
|
||||
@@ -35,7 +35,7 @@ func (app *App) handlePub(pattern string, fn handlerFunc) {
|
||||
|
||||
func (app *App) handleNotSignedIn(pattern string, fn handlerFunc) {
|
||||
app.handlePub(pattern, func(s *api.Session, w http.ResponseWriter, r *http.Request) error {
|
||||
if s.SignedIn {
|
||||
if s.SessionID != "" {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return nil
|
||||
}
|
||||
@@ -45,7 +45,7 @@ func (app *App) handleNotSignedIn(pattern string, fn handlerFunc) {
|
||||
|
||||
func (app *App) handleSignedIn(pattern string, fn handlerFunc) {
|
||||
app.handlePub(pattern, func(s *api.Session, w http.ResponseWriter, r *http.Request) error {
|
||||
if !s.SignedIn {
|
||||
if s.SessionID == "" {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return nil
|
||||
}
|
||||
|
||||
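Review bot: The guards in handleNotSignedIn and handleSignedIn (and the same test in _root) now decide authentication from `s.SessionID != ""` alone, so the whole access check rests on handlePub passing an empty Session whenever the cookie is missing, unknown or expired. handlePub's body is outside these hunks; if it ever fills SessionID from the request cookie before the lookup succeeds, a request with any cookie value would be treated as signed in. Putting the rule in one place, e.g. a method `func (s *Session) IsSignedIn() bool { return s != nil && s.SessionID != "" }` with a comment stating the invariant, would keep the three call sites from drifting. A test that an unrecognised cookie yields an empty SessionID would pin it.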
@@ -16,7 +16,7 @@ import (
|
||||
)
|
||||
|
||||
func (a *App) _root(s *api.Session, w http.ResponseWriter, r *http.Request) error {
|
||||
if s.SignedIn {
|
||||
if s.SessionID != "" {
|
||||
return a.redirect(w, r, "/admin/network/list/")
|
||||
} else {
|
||||
return a.redirect(w, r, "/sign-in/")
|
||||
@@ -269,6 +269,9 @@ func (a *App) _adminPasswordSubmit(s *api.Session, w http.ResponseWriter, r *htt
|
||||
return err
|
||||
}
|
||||
|
||||
*s = a.api.Session_InvalidateAll()
|
||||
a.setCookie(w, sessionIDCookieName, s.SessionID)
|
||||
|
||||
return a.redirect(w, r, "/admin/network/list/")
|
||||
}
|
||||
|
||||
|
||||
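Review bot: The new session rotation in _adminPasswordSubmit has no comment saying why it is there, and it is the kind of line that gets removed in a later cleanup. A short why-comment above `*s = a.api.Session_InvalidateAll()` would do, such as `// Password changed: drop every existing session (including ones opened with the old password) and re-issue a cookie for this browser.` The attributes setCookie applies are not visible here, so it is worth confirming the re-issued cookie carries the same HttpOnly/Secure/SameSite settings as the one set at sign-in. The function's start is outside the hunk.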