Added session cookie and logout for admin
This commit is contained in:
@@ -0,0 +1,69 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"net/http"
|
||||
"sync"
|
||||
"time"
|
||||
)
|
||||
|
||||
var (
|
||||
sessions = map[string]time.Time{}
|
||||
mu sync.Mutex
|
||||
)
|
||||
|
||||
func GenerateSession() (string, error) {
|
||||
bytes := make([]byte, 32)
|
||||
_, err := rand.Read(bytes)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
token := hex.EncodeToString(bytes)
|
||||
|
||||
mu.Lock()
|
||||
sessions[token] = time.Now()
|
||||
mu.Unlock()
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func IsLoggedIn(r *http.Request) bool {
|
||||
cookie, err := r.Cookie("session")
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
mu.Lock()
|
||||
_, exists := sessions[cookie.Value]
|
||||
mu.Unlock()
|
||||
|
||||
return exists
|
||||
}
|
||||
|
||||
func SetSessionCookie(w http.ResponseWriter, token string) {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "session",
|
||||
Value: token,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
}
|
||||
|
||||
func ClearSession(w http.ResponseWriter, r *http.Request) {
|
||||
cookie, err := r.Cookie("session")
|
||||
if err == nil {
|
||||
mu.Lock()
|
||||
delete(sessions, cookie.Value)
|
||||
mu.Unlock()
|
||||
}
|
||||
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "session",
|
||||
Value: "",
|
||||
Path: "/",
|
||||
MaxAge: -1,
|
||||
HttpOnly: true,
|
||||
})
|
||||
}
|
||||
Reference in New Issue
Block a user