debugging session
This commit is contained in:
Gregory Wells
@@ -191,7 +191,6 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword)
|
connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword)
|
||||||
if connected != nil {
|
if connected != nil {
|
||||||
w.Write(blankPhotoData)
|
w.Write(blankPhotoData)
|
||||||
fmt.Println("Returned blank avatar because couldnt connect as user")
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -203,13 +202,11 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
)
|
)
|
||||||
if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 {
|
if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 {
|
||||||
w.Write(blankPhotoData)
|
w.Write(blankPhotoData)
|
||||||
fmt.Println("Returned blank avatar because we couldnt find the user")
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
entry := userSearch.LDAPSearch.Entries[0]
|
entry := userSearch.LDAPSearch.Entries[0]
|
||||||
bytes := entry.GetRawAttributeValue("jpegphoto")
|
bytes := entry.GetRawAttributeValue("jpegphoto")
|
||||||
if len(bytes) == 0 {
|
if len(bytes) == 0 {
|
||||||
fmt.Println("Returned blank avatar because we just don't have an avatar")
|
|
||||||
w.Write(blankPhotoData)
|
w.Write(blankPhotoData)
|
||||||
return
|
return
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@@ -4,10 +4,11 @@ import (
|
|||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"astraltech.xyz/accountmanager/src/logging"
|
||||||
)
|
)
|
||||||
|
|
||||||
type SessionData struct {
|
type SessionData struct {
|
||||||
@@ -33,14 +34,15 @@ func GenerateSessionToken(length int) (string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func createSession(userData *UserData) *http.Cookie {
|
func createSession(userData *UserData) *http.Cookie {
|
||||||
|
logging.Debugf("Creating a new session for %s", userData.Username)
|
||||||
token, err := GenerateSessionToken(32) // Use crypto/rand for this
|
token, err := GenerateSessionToken(32) // Use crypto/rand for this
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err)
|
logging.Error(err.Error())
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
CSRFToken, err := GenerateSessionToken(32)
|
CSRFToken, err := GenerateSessionToken(32)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err)
|
logging.Error(err.Error())
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -72,8 +74,10 @@ func createSession(userData *UserData) *http.Cookie {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func validateSession(r *http.Request) (bool, *SessionData) {
|
func validateSession(r *http.Request) (bool, *SessionData) {
|
||||||
|
logging.Debugf("Validating session")
|
||||||
cookie, err := r.Cookie("session_token")
|
cookie, err := r.Cookie("session_token")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logging.Error(err.Error())
|
||||||
return false, &SessionData{}
|
return false, &SessionData{}
|
||||||
}
|
}
|
||||||
token := cookie.Value
|
token := cookie.Value
|
||||||
@@ -87,5 +91,6 @@ func validateSession(r *http.Request) (bool, *SessionData) {
|
|||||||
if !exists || !sessionData.loggedIn {
|
if !exists || !sessionData.loggedIn {
|
||||||
return false, &SessionData{}
|
return false, &SessionData{}
|
||||||
}
|
}
|
||||||
|
logging.Infof("Validated session for %s", sessionData.data.Username)
|
||||||
return true, &sessionData
|
return true, &sessionData
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user