70 lines
1.1 KiB
Go
70 lines
1.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/hex"
|
|
"net/http"
|
|
"sync"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
sessions = map[string]time.Time{}
|
|
mu sync.Mutex
|
|
)
|
|
|
|
func GenerateSession() (string, error) {
|
|
bytes := make([]byte, 32)
|
|
_, err := rand.Read(bytes)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
token := hex.EncodeToString(bytes)
|
|
|
|
mu.Lock()
|
|
sessions[token] = time.Now()
|
|
mu.Unlock()
|
|
|
|
return token, nil
|
|
}
|
|
|
|
func IsLoggedIn(r *http.Request) bool {
|
|
cookie, err := r.Cookie("session")
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
mu.Lock()
|
|
_, exists := sessions[cookie.Value]
|
|
mu.Unlock()
|
|
|
|
return exists
|
|
}
|
|
|
|
func SetSessionCookie(w http.ResponseWriter, token string) {
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: "session",
|
|
Value: token,
|
|
Path: "/",
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteLaxMode,
|
|
})
|
|
}
|
|
|
|
func ClearSession(w http.ResponseWriter, r *http.Request) {
|
|
cookie, err := r.Cookie("session")
|
|
if err == nil {
|
|
mu.Lock()
|
|
delete(sessions, cookie.Value)
|
|
mu.Unlock()
|
|
}
|
|
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: "session",
|
|
Value: "",
|
|
Path: "/",
|
|
MaxAge: -1,
|
|
HttpOnly: true,
|
|
})
|
|
}
|