package controller
import (
	"crypto/subtle"
	"net/http"
	"net/url"
	"strconv"

	"github.com/martini-contrib/render"
	"github.com/martini-contrib/sessions"

	"arno/skeletor/config"
	"arno/skeletor/entity"
	"arno/skeletor/repository"
	"arno/skeletor/service"
	"arno/skeletor/tool"
)
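// SecurityFirewall decides whether the current session may view a page that
// requires the given level.
//
// It returns 0 when access is granted, 1 when the caller should redirect to
// the home page and 2 when the caller should redirect to the login page
// (SecurityRedirect consumes these codes). Access is refused when the
// session's role number is greater than level, so a lower role number means
// more privilege; a session without a role is treated as role 100.
func SecurityFirewall(ctn *service.Container, session sessions.Session, req *http.Request, r render.Render, level int) int {
	myconfig := config.Must(ctn)

	// A missing or non-string "Login" value counts as "not logged in"; the
	// checked assertion avoids a panic on an unexpected session value.
	login, _ := session.Get("Login").(string)

	// Fail closed: start from the least privileged role and only replace it
	// when the session holds a well-formed integer. Discarding the Atoi error
	// would leave role at 0 for a malformed value, and 0 passes every
	// "role > level" check for non-negative levels.
	role := 100
	if rolestr, ok := session.Get("Role").(string); ok {
		if parsed, err := strconv.Atoi(rolestr); err == nil {
			role = parsed
		}
	}

	// Private application and anonymous visitor: send to the login page.
	if myconfig.AppPrivate && login == "" {
		return 2
	}

	// The visitor has the level required to view the page.
	if role <= level {
		return 0
	}

	// Insufficient level. In a public application, an anonymous visitor asking
	// for a page that needs at least user level (level <= 50) is sent to the
	// login page; everyone else goes back to the home page.
	if login == "" && level <= 50 {
		return 2
	}
	return 1
}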
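// SecurityRedirect performs the redirect selected by an access decision code:
// 1 sends the client to the configured home route, 2 sends it to the login
// route with the requested path carried in the "redirect" query parameter.
// Any other value does nothing.
func SecurityRedirect(ctn *service.Container, req *http.Request, r render.Render, isperm int) {
	myconfig := config.Must(ctn)

	switch isperm {
	case 1:
		// Redirect to the home page.
		r.Redirect(myconfig.AppRoutes["home"])
	case 2:
		// Redirect to the login page. The path comes from the request, so it is
		// query-escaped: a raw '&', '#' or '=' in it would otherwise truncate
		// the value or inject extra parameters into the login URL.
		r.Redirect(myconfig.AppRoutes["securitylogin"] + "?redirect=" + url.QueryEscape(req.URL.Path))
	}
}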
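// isLocalRedirectTarget reports whether target is a path on this site, i.e.
// safe to use as a post-login redirect location.
func isLocalRedirectTarget(target string) bool {
	if target == "" || target[0] != '/' {
		return false
	}
	// "//host" and "/\host" are read by browsers as scheme-relative URLs.
	if len(target) > 1 && (target[1] == '/' || target[1] == '\\') {
		return false
	}
	// url.Parse also rejects control characters, which browsers would strip
	// before interpreting the location.
	u, err := url.Parse(target)
	return err == nil && u.Scheme == "" && u.Host == ""
}

// SecurityLogin renders the login form and, on POST, checks the submitted
// login and password against the stored user.
//
// The current session is cleared on every call. On success the session is
// refreshed from the user record and the client is redirected to the
// "redirect" query parameter when it is a local path, otherwise to the home
// route. On failure the form is rendered again with an error message.
func SecurityLogin(ctn *service.Container, session sessions.Session, req *http.Request, r render.Render) {
	// One message for every failure, so the response does not reveal whether
	// the login exists.
	const loginFailed = "Erreur de connexion"

	myconfig := config.Must(ctn)
	mydb := repository.Must(ctn)

	redirect, isredirect := req.URL.Query()["redirect"]

	var user entity.User
	var myerr string

	session.Clear()

	if req.Method == http.MethodPost {
		if err := req.ParseForm(); err != nil {
			// A body that cannot be parsed is a failed attempt, not a reason
			// to continue with partial form data.
			myerr = loginFailed
		} else {
			login := req.Form.Get("login")
			password := req.Form.Get("password")

			// Look up the user.
			result := mydb.First(&user, "login = ?", login)
			if result.RowsAffected == 0 {
				myerr = loginFailed
			} else {
				// NOTE(review): tool.Decrypt returning the plaintext means the
				// password is stored reversibly. A one-way password hash would
				// be the proper fix, but it needs changes outside this function.
				stored := tool.Decrypt(user.Salt, user.Password)
				// Constant-time comparison, so the response time does not
				// depend on how many leading characters match.
				if subtle.ConstantTimeCompare([]byte(password), []byte(stored)) != 1 {
					myerr = loginFailed
				}
			}
		}

		if myerr == "" {
			RefreshSession(session, user)

			// The redirect parameter is attacker-controllable (it arrives in
			// the login URL), so it is followed only when it stays on this
			// site; anything else falls back to the home route.
			target := myconfig.AppRoutes["home"]
			if isredirect && isLocalRedirectTarget(redirect[0]) {
				target = redirect[0]
			}
			r.Redirect(target)
			// Stop here: rendering the form after the redirect would write a
			// second response.
			return
		}
	}

	rendermap := map[string]interface{}{
		"conf":         myconfig,
		"session":      tool.Rendersession(session),
		"useheader":    false,
		"usesidebar":   false,
		"usecontainer": true,
		"error":        myerr,
	}

	r.HTML(http.StatusOK, "security/login", rendermap)
}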
// SecurityLogout clears the current session and redirects the client to the
// configured home route.
func SecurityLogout(ctn *service.Container, session sessions.Session, req *http.Request, r render.Render) {
	cfg := config.Must(ctn)

	// Drop every value stored for this session before leaving.
	session.Clear()

	home := cfg.AppRoutes["home"]
	r.Redirect(home)
}
// RefreshSession copies the user's identity fields into the session. The
// numeric Id and Role are stored as decimal strings; the other fields are
// stored as they are on the user record.
//
// NOTE(review): Role and Apikey end up in the session. If the session store
// is a client-side cookie that is signed but not encrypted, the API key would
// be readable by the browser; confirm the store configuration.
func RefreshSession(session sessions.Session, user entity.User) {
	entries := []struct {
		key   string
		value interface{}
	}{
		{"Userid", strconv.FormatUint(uint64(user.Id), 10)},
		{"Login", user.Login},
		{"Firstname", user.Firstname},
		{"Lastname", user.Lastname},
		{"Email", user.Email},
		{"Avatar", user.Avatar},
		{"Role", strconv.Itoa(user.Role)},
		{"Apikey", user.Apikey},
	}

	// Keys are written in the order listed above.
	for _, e := range entries {
		session.Set(e.key, e.value)
	}
}