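package main

import (
	"database/sql"
	"errors"
	"net/http"
	"time"

	"biukop/sfm/loan"
	log "github.com/sirupsen/logrus"
)

// login holds the credentials extracted from a single login request.
//
// Every field except ts may carry secret material, so a login value must
// never be passed whole to a logger or formatter (%v / %+v print unexported
// fields too).
type login struct {
	// user and pass come from the POST form fields "u" and "p".
	user string
	pass string

	// buser and bpass come from the HTTP Basic Authorization header.
	// The original author annotated them with the sample values
	// "admin" / "always_correct_md5" (header value
	// YWRtaW46YWx3YXlzX2NvcnJlY3RfbWQ1).
	// NOTE(review): if those are live credentials rather than placeholders,
	// they should be removed from source and rotated.
	buser string
	bpass string

	// token and ts are not read or written anywhere in this file.
	token string
	ts    time.Time
}

// apiV1Login authenticates the user named in the request and, on success,
// binds the session ss to that user and returns the session details as JSON.
//
// On failure it answers with login=false and a reason string; an internal
// failure while reloading an already-bound session yields a 500 response.
func apiV1Login(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
	res := apiV1ResponseBlank()

	l := login{}
	if e := l.initRequest(r); e != nil {
		log.Warn("Failed login - cannot analyze request " + e.Error())
		res.add("login", false)
		res.add("reason", "incomplete request")
		res.sendJson(w)
		return
	}

	// Credentials are checked against a throwaway session so that ss is only
	// touched after authentication has succeeded.
	trial := loan.Session{}
	u, e := trial.Login(l.user, l.pass)
	if errors.Is(e, sql.ErrNoRows) {
		// Log the submitted user name only. The previous "%+v" of the whole
		// login struct wrote the plaintext password and the Basic-auth
		// credentials into the log. %q keeps control characters in the
		// attacker-controlled name from forging log lines.
		log.Warnf("Failed login - user not found user=%q, error=%s", l.user, e.Error())
		res.add("login", false)
		// NOTE(review): this reason differs from the generic one returned
		// below, which lets a client tell whether an account exists.
		// Consider returning the same reason for both cases; left unchanged
		// here because API clients may depend on the string.
		res.add("reason", "User not found")
		res.sendJson(w)
		return
	}
	if e != nil {
		log.Warn("Failed login - cannot init session " + e.Error())
		res.add("login", false)
		res.add("reason", "either user name or password is not right")
		res.sendJson(w)
		return
	}

	// Bind the session to the authenticated user.
	if u.Id == ss.User {
		// The session already belongs to this user: reload it in place.
		if e = ss.LogInUser(u.Id); e != nil {
			log.Error("Cannot Load authenticated user:", u.Id)
			apiV1Server500Error(w, r)
			return
		}
	} else {
		// The original distinguished an empty session from one owned by a
		// different user, but both branches made this identical call.
		// NOTE(review): confirm InitForUser issues a fresh session ID and
		// token; reusing pre-login values here would permit session fixation.
		ss.InitForUser(u.Id, time.Now().Add(loan.DefaultSessionDuration))
	}

	// Enforce machine id: record it on the session alongside the user.
	ss.Add("mid", apiV1GetMachineId(r))

	res.add("auth", ss.Token)
	res.add("session_id", ss.Id)
	res.add("session_expire", ss.ExpireStr())
	res.add("session_expire_human", ss.Expire.Format(time.RFC1123Z))
	res.add("session_user", ss.User)
	res.add("buser", ss.User)
	// NOTE(review): what CheckSum covers is not visible in this file; verify
	// it is safe to hand to the client as a Basic-auth password.
	res.add("bpass", ss.CheckSum())
	res.add("mid", ss.Get("mid"))

	// Send out.
	apiV1AddTrackingCookie(w, r, ss)
	res.sendJson(w)
}

// initRequest fills m from the request: "u" and "p" from the POST body and
// the Basic-auth pair from the Authorization header. It returns the error
// from ParseForm, if any.
func (m *login) initRequest(r *http.Request) (e error) {
	if e = r.ParseForm(); e != nil {
		log.Error(e)
		return e
	}

	// PostForm holds body parameters only, so credentials placed in the URL
	// query string are not accepted.
	m.user = r.PostForm.Get("u")
	m.pass = r.PostForm.Get("p")

	// A missing or malformed Authorization header is not an error here; the
	// two fields simply stay empty.
	m.buser, m.bpass, _ = r.BasicAuth()
	return nil
}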