Files
filehost-athome/auth/session.go
T

70 lines
1.1 KiB
Go

package auth
import (
"crypto/rand"
"encoding/hex"
"net/http"
"sync"
"time"
)
var (
sessions = map[string]time.Time{}
mu sync.Mutex
)
func GenerateSession() (string, error) {
bytes := make([]byte, 32)
_, err := rand.Read(bytes)
if err != nil {
return "", err
}
token := hex.EncodeToString(bytes)
mu.Lock()
sessions[token] = time.Now()
mu.Unlock()
return token, nil
}
func IsLoggedIn(r *http.Request) bool {
cookie, err := r.Cookie("session")
if err != nil {
return false
}
mu.Lock()
_, exists := sessions[cookie.Value]
mu.Unlock()
return exists
}
func SetSessionCookie(w http.ResponseWriter, token string) {
http.SetCookie(w, &http.Cookie{
Name: "session",
Value: token,
Path: "/",
HttpOnly: true,
SameSite: http.SameSiteLaxMode,
})
}
func ClearSession(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("session")
if err == nil {
mu.Lock()
delete(sessions, cookie.Value)
mu.Unlock()
}
http.SetCookie(w, &http.Cookie{
Name: "session",
Value: "",
Path: "/",
MaxAge: -1,
HttpOnly: true,
})
}