-
Notifications
You must be signed in to change notification settings - Fork 54
/
sessions.go
123 lines (108 loc) · 3.21 KB
/
sessions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package main
import (
"net/http"
"net/url"
"time"
"github.com/gin-gonic/contrib/sessions"
"github.com/gin-gonic/gin"
"zxq.co/ripple/rippleapi/common"
"zxq.co/x/rs"
)
func sessionInitializer() func(c *gin.Context) {
return func(c *gin.Context) {
sess := sessions.Default(c)
var ctx context
var passwordChanged bool
userid := sess.Get("userid")
var hasUser bool
if userid, ok := userid.(int); ok {
hasUser = true
ctx.User.ID = userid
var (
pRaw int64
password string
)
err := db.QueryRow("SELECT username, privileges, flags, password_md5 FROM users WHERE id = ?", userid).
Scan(&ctx.User.Username, &pRaw, &ctx.User.Flags, &password)
if err != nil {
c.Error(err)
}
if sess.Get("logout") == nil {
sess.Set("logout", rs.String(15))
}
ctx.User.Privileges = common.UserPrivileges(pRaw)
db.Exec("UPDATE users SET latest_activity = ? WHERE id = ?", time.Now().Unix(), userid)
if s, ok := sess.Get("pw").(string); !ok || cmd5(password) != s {
ctx = context{}
sess.Clear()
passwordChanged = true
}
}
if v, _ := sess.Get("2fa_must_validate").(bool); !v && ctx.User.ID != 0 {
tok := sess.Get("token")
if tok, ok := tok.(string); ok {
ctx.Token = tok
}
oldToken := ctx.Token
ctx.Token, _ = checkToken(ctx.Token, ctx.User.ID, c)
// Set rt cookie in case:
// - User has not got a token in rt
// - Token has been updated with checkToken
// - user still has old token in rt
if x, _ := c.Cookie("rt"); oldToken != ctx.Token || x != ctx.Token {
http.SetCookie(c.Writer, &http.Cookie{
Name: "rt",
Value: ctx.Token,
Expires: time.Now().Add(time.Hour * 24 * 30 * 1),
})
sess.Set("token", ctx.Token)
}
}
if hasUser {
if v, ok := sess.Get("avatars_version").(uint64); ok {
ctx.AvatarsVersion = v
} else {
ctx.AvatarsVersion = 0
sess.Set("avatars_version", 0)
}
}
var addBannedMessage bool
if ctx.User.ID != 0 && (ctx.User.Privileges&common.UserPrivilegeNormal == 0) {
ctx = context{}
sess.Clear()
addBannedMessage = true
}
ctx.Language = getLanguageFromGin(c)
c.Set("context", ctx)
c.Set("session", sess)
if addBannedMessage {
addMessage(c, warningMessage{T(c, "You have been automatically logged out of your account because your account has either been banned or locked. Should you believe this is a mistake, you can contact our support team at support@ripple.moe.")})
}
if passwordChanged {
addMessage(c, warningMessage{T(c, "You have been automatically logged out for security reasons. Please <a href='/login?redir=%s'>log back in</a>.", url.QueryEscape(c.Request.URL.Path))})
}
c.Next()
}
}
func addMessage(c *gin.Context, m message) {
sess := getSession(c)
var messages []message
messagesRaw := sess.Get("messages")
if messagesRaw != nil {
messages = messagesRaw.([]message)
}
messages = append(messages, m)
sess.Set("messages", messages)
}
func getMessages(c *gin.Context) []message {
sess := getSession(c)
messagesRaw := sess.Get("messages")
if messagesRaw == nil {
return nil
}
sess.Delete("messages")
return messagesRaw.([]message)
}
func getSession(c *gin.Context) sessions.Session {
return c.MustGet("session").(sessions.Session)
}