mirror of
https://github.com/speatzle/nfsense.git
synced 2025-05-11 19:08:20 +00:00
100 lines
2.4 KiB
Go
100 lines
2.4 KiB
Go
package server
|
|
|
|
import (
|
|
"net/http"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
)
|
|
|
|
type SessionKeyType string
|
|
|
|
const SessionKey SessionKeyType = "session"
|
|
const SessionCookieName string = "session"
|
|
|
|
type Session struct {
|
|
Username string
|
|
Expires time.Time
|
|
// TODO Add []websocket.Conn pointer to close all active websockets, alternativly do this via context cancelation
|
|
}
|
|
|
|
var sessionsSync sync.Mutex
|
|
var sessions map[string]*Session = map[string]*Session{}
|
|
|
|
func GetSession(r *http.Request) (string, *Session) {
|
|
c, err := r.Cookie("session")
|
|
if err != nil {
|
|
return "", nil
|
|
}
|
|
s, ok := sessions[c.Value]
|
|
if ok {
|
|
return c.Value, s
|
|
}
|
|
return "", nil
|
|
}
|
|
|
|
func GenerateSession(w http.ResponseWriter, username string) {
|
|
id := uuid.New().String()
|
|
expires := time.Now().Add(time.Minute * 5)
|
|
sessionsSync.Lock()
|
|
defer sessionsSync.Unlock()
|
|
sessions[id] = &Session{
|
|
Username: username,
|
|
Expires: expires,
|
|
}
|
|
http.SetCookie(w, &http.Cookie{Name: SessionCookieName, HttpOnly: true, SameSite: http.SameSiteStrictMode, Value: id, Expires: expires})
|
|
}
|
|
|
|
func CleanupSessions(stop chan struct{}) {
|
|
tick := time.NewTicker(time.Minute)
|
|
for {
|
|
select {
|
|
case <-tick.C:
|
|
ids := []string{}
|
|
sessionsSync.Lock()
|
|
for id, s := range sessions {
|
|
if time.Now().After(s.Expires) {
|
|
ids = append(ids, id)
|
|
}
|
|
}
|
|
for _, id := range ids {
|
|
delete(sessions, id)
|
|
}
|
|
sessionsSync.Unlock()
|
|
case <-stop:
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func HandleLogin(w http.ResponseWriter, r *http.Request) {
|
|
username := r.PostFormValue("username")
|
|
password := r.PostFormValue("password")
|
|
if username == "admin" && password == "12345" {
|
|
GenerateSession(w, username)
|
|
w.WriteHeader(http.StatusOK)
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
}
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
}
|
|
|
|
func HandleLogout(w http.ResponseWriter, r *http.Request) {
|
|
http.SetCookie(w, &http.Cookie{Name: SessionCookieName, Value: "", Expires: time.Now()})
|
|
w.WriteHeader(http.StatusOK)
|
|
}
|
|
|
|
func HandleSession(w http.ResponseWriter, r *http.Request) {
|
|
id, s := GetSession(r)
|
|
if s == nil {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
sessionsSync.Lock()
|
|
defer sessionsSync.Unlock()
|
|
if s != nil {
|
|
s.Expires = time.Now().Add(time.Minute * 5)
|
|
}
|
|
http.SetCookie(w, &http.Cookie{Name: SessionCookieName, HttpOnly: true, SameSite: http.SameSiteStrictMode, Value: id, Expires: s.Expires})
|
|
w.WriteHeader(http.StatusOK)
|
|
}
|