68 lines
1.5 KiB
Go
68 lines
1.5 KiB
Go
package helpers
|
|
|
|
import (
|
|
"encoding/gob"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/gorilla/sessions"
|
|
)
|
|
|
|
var authKey = []byte("12345678901234567890123456789012") // ToDo: Make env var
|
|
var encryptKey = []byte("abcdefghijklmnopqrstuvwx12345678") // ToDo: Make env var
|
|
var sessionName = "synlotto-session"
|
|
var store = sessions.NewCookieStore(authKey, encryptKey)
|
|
|
|
const SessionTimeout = 30 * time.Minute
|
|
|
|
func init() {
|
|
gob.Register(time.Time{})
|
|
|
|
store.Options = &sessions.Options{
|
|
Path: "/",
|
|
MaxAge: 86400 * 1,
|
|
HttpOnly: true,
|
|
Secure: false, // TODO: make env-configurable
|
|
SameSite: http.SameSiteLaxMode,
|
|
}
|
|
}
|
|
|
|
func GetSession(w http.ResponseWriter, r *http.Request) (*sessions.Session, error) {
|
|
return store.Get(r, sessionName)
|
|
}
|
|
|
|
func IsSessionExpired(session *sessions.Session) bool {
|
|
last, ok := session.Values["last_activity"].(time.Time)
|
|
if !ok {
|
|
return false
|
|
}
|
|
return time.Since(last) > SessionTimeout
|
|
}
|
|
|
|
func UpdateSessionActivity(session *sessions.Session, r *http.Request, w http.ResponseWriter) {
|
|
session.Values["last_activity"] = time.Now()
|
|
session.Save(r, w)
|
|
}
|
|
|
|
func AuthMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
session, _ := GetSession(w, r)
|
|
|
|
if IsSessionExpired(session) {
|
|
session.Options.MaxAge = -1
|
|
session.Save(r, w)
|
|
|
|
newSession, _ := GetSession(w, r)
|
|
newSession.Values["flash"] = "Your session has timed out."
|
|
newSession.Save(r, w)
|
|
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
return
|
|
}
|
|
|
|
UpdateSessionActivity(session, r, w)
|
|
|
|
next(w, r)
|
|
}
|
|
}
|