Przeglądaj źródła
bigfix tracking cookie , only sent right before we try to handle each request.
master
sp
4 lat temu
3 zmienionych plików z 25 dodań i 6 usunięć
+ 11
- 3
apiV1login.go
Wyświetl plik
| @@ -47,12 +47,19 @@ func apiV1Login(w http.ResponseWriter, r *http.Request, ss *loan.Session) { | |||
| } | |||
| //log in user | |||
| if u.Id == ss.User { | |||
| *ss = trial //we are the same | |||
| e = ss.LogInUser(u.Id) | |||
| if e != nil { | |||
| log.Error("Cannot Load authenticated user:", u.Id) | |||
| apiV1Server500Error(w, r) | |||
| return | |||
| } | |||
| } else if !ss.IsEmpty() { | |||
| ss.ReuseAsUser(u.Id, ss.Expire) | |||
| ss.InitForUser(u.Id, time.Now().Add(loan.DefaultSessionDuration)) | |||
| } else { | |||
| ss.InitForUser(ss.User, time.Now().Add(loan.DefaultSessionDuration)) | |||
| ss.InitForUser(u.Id, time.Now().Add(loan.DefaultSessionDuration)) | |||
| } | |||
| //enforce machine id | |||
| ss.Add("mid", apiV1GetMachineId(r)) | |||
| res.add("auth", ss.Token) | |||
| res.add("session_id", ss.Id) | |||
| @@ -61,6 +68,7 @@ func apiV1Login(w http.ResponseWriter, r *http.Request, ss *loan.Session) { | |||
| res.add("session_user", ss.User) | |||
| res.add("buser", ss.User) | |||
| res.add("bpass", ss.CheckSum()) | |||
| res.add("mid", ss.Get("mid")) | |||
| //send out | |||
| res.sendJson(w) | |||
| } | |||
+ 13
- 3
apiv1.go
Wyświetl plik
| @@ -45,7 +45,9 @@ func apiV1Main(w http.ResponseWriter, r *http.Request) { | |||
| return | |||
| } | |||
| session.RenewIfExpireSoon() | |||
| session.SetRemote(r) //make sure they are using latest remote | |||
| session.SetRemote(r) //make sure they are using latest remote | |||
| session.Add("mid", apiV1GetMachineId(r)) //set machine id | |||
| apiV1AddTrackingCookie(w, r, &session) // add tracking cookie to client | |||
| //we have a session now, either guest or valid user | |||
| //search through handler | |||
| @@ -66,7 +68,7 @@ func apiV1Main(w http.ResponseWriter, r *http.Request) { | |||
| apiV1DumpRequest(w, r, &session) | |||
| } | |||
| func apiV1InitSessionByBrowserId(w http.ResponseWriter, r *http.Request, session *loan.Session) { | |||
| func apiV1GetMachineId(r *http.Request) string { | |||
| var mid string | |||
| inCookie, e := r.Cookie("mid") | |||
| if e == nil { | |||
| @@ -74,9 +76,14 @@ func apiV1InitSessionByBrowserId(w http.ResponseWriter, r *http.Request, session | |||
| } else { | |||
| mid = strconv.Itoa(int(time.Now().Unix())) + "-" + gofakeit.UUID() | |||
| } | |||
| return mid | |||
| } | |||
| func apiV1InitSessionByBrowserId(w http.ResponseWriter, r *http.Request, session *loan.Session) { | |||
| mid := apiV1GetMachineId(r) | |||
| var sid string | |||
| inCookie, e = r.Cookie("session") | |||
| inCookie, e := r.Cookie("session") | |||
| if e == nil { | |||
| sid = inCookie.Value | |||
| if sid != "" { | |||
| @@ -91,12 +98,15 @@ func apiV1InitSessionByBrowserId(w http.ResponseWriter, r *http.Request, session | |||
| session.Add("mid", mid) | |||
| } | |||
| } | |||
| } | |||
| func apiV1AddTrackingCookie(w http.ResponseWriter, r *http.Request, session *loan.Session) { | |||
| //add tracking cookie | |||
| expiration := time.Now().Add(365 * 24 * time.Hour) | |||
| cookie := http.Cookie{Name: "session", Value: session.Id, Expires: expiration} | |||
| http.SetCookie(w, &cookie) | |||
| mid := apiV1GetMachineId(r) | |||
| cookie = http.Cookie{Name: "mid", Value: mid, Expires: expiration} | |||
| http.SetCookie(w, &cookie) | |||
+ 1
- 0
main.go
Wyświetl plik
| @@ -79,6 +79,7 @@ func apiV1DumpRequest(w http.ResponseWriter, r *http.Request, ss *loan.Session) | |||
| ar.Env.Session.Bin = []byte("masked data") //clear | |||
| ar.Env.Session.Secret = "***********" | |||
| ar.add("Body", dumpLines) | |||
| ar.add("mid", ss.Get("mid")) | |||
| b, _ := ar.toJson() | |||
| fmt.Fprintf(w, "%s\n", b) | |||
| } | |||
Ładowanie…