diff --git a/.gitignore b/.gitignore
index 58da11c1439..b0f80a57846 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,4 +3,4 @@ gogs
 *.exe~
 .DS_Store
 *.db
-*.log
+*.log
\ No newline at end of file
diff --git a/routers/user/user.go b/routers/user/user.go
index cf1314086c4..d2da19d5a03 100644
--- a/routers/user/user.go
+++ b/routers/user/user.go
@@ -9,6 +9,7 @@ import (
 "net/http"
 "github.com/martini-contrib/render"
+ "github.com/martini-contrib/sessions"
 "github.com/gogits/validation"
@@ -23,7 +24,7 @@ func Profile(r render.Render) {
 return
 }
-func SignIn(req *http.Request, r render.Render) {
+func SignIn(req *http.Request, r render.Render, session sessions.Session) {
 if req.Method == "GET" {
 r.HTML(200, "user/signin", map[string]interface{}{
 "Title": "Log In",
@@ -31,14 +32,16 @@ func SignIn(req *http.Request, r render.Render) {
 return
 }
- // todo sign in
- _, err := models.LoginUserPlain(req.FormValue("account"), req.FormValue("passwd"))
+ // TODO: LDAP sign in
+ user, err := models.LoginUserPlain(req.FormValue("account"), req.FormValue("passwd"))
 if err != nil {
 r.HTML(200, "base/error", map[string]interface{}{
 "Error": fmt.Sprintf("%v", err),
 })
 return
 }
+ session.Set("userId", user.Id)
+ session.Set("userName", user.Name)
 r.Redirect("/")
 }
diff --git a/web.go b/web.go
index 77226f57883..4fca90a2983 100644
--- a/web.go
+++ b/web.go
@@ -12,6 +12,7 @@ import (
 "github.com/codegangsta/cli"
 "github.com/codegangsta/martini"
 "github.com/martini-contrib/render"
+ "github.com/martini-contrib/sessions"
 "github.com/gogits/gogs/routers"
 "github.com/gogits/gogs/routers/repo"
@@ -46,6 +47,10 @@ func runWeb(*cli.Context) {
 // Middleware.
 m.Use(render.Renderer(render.Options{Funcs: []template.FuncMap{AppHelpers}}))
+ // TODO: should use other store because cookie store is not secure.
+ store := sessions.NewCookieStore([]byte("secret123"))
+ m.Use(sessions.Sessions("my_session", store))
+ // Routers.
 m.Get("/", routers.Dashboard)
 m.Any("/login", user.SignIn)
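Review bot: The two `session.Set` calls at the end of SignIn write the identity into whatever session the request already carried, so keys left by an earlier login in the same browser survive; calling `session.Clear()` before `session.Set("userId", user.Id)` gives every successful login a clean session. `userName` is cached next to the id, so later handlers should authorise on `userId` and reload the user rather than trust the cached name, which goes stale on a rename. The failure branch just above passes `err` verbatim to the template; if `models.LoginUserPlain` returns different errors for an unknown account and a wrong password (not visible here), one generic message would stop the page from distinguishing the two. SignIn's signature sits in the previous hunk.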
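Review bot: The `sessions.NewCookieStore([]byte("secret123"))` line added under `// Middleware.` signs every session cookie with a key that is committed to the repository, and that signature is the only thing vouching for the `userId` that SignIn stores, so the session can be forged by anyone who has read the source. Read the key from deployment configuration or generate it from `crypto/rand` at first start, e.g. `store := sessions.NewCookieStore(sessionKey)` with `sessionKey` a placeholder for that loaded value, and reword the TODO to say so. With only one key passed the cookie is authenticated but not encrypted, so the stored `userId` and `userName` are readable on the client. The store also keeps its default cookie options; `store.Options(sessions.Options{HttpOnly: true, Secure: true})` (Secure once the site is served over TLS) would keep the cookie out of scripts and off plain HTTP. runWeb starts and ends outside the hunk.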