From 9465f8db6d12a2bb8707f62ccb7d668059ec1cf1 Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Wed, 20 May 2020 13:05:05 -0400 Subject: login: set encrypted "remember me" token --- plugins/base/routes.go | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/base/routes.go b/plugins/base/routes.go index 3b47668..d023b4b 100644 --- a/plugins/base/routes.go +++ b/plugins/base/routes.go @@ -160,6 +160,12 @@ func handleGetMailbox(ctx *alps.Context) error { func handleLogin(ctx *alps.Context) error { username := ctx.FormValue("username") password := ctx.FormValue("password") + remember := ctx.FormValue("remember-me") + + if username == "" && password == "" { + username, password = ctx.GetLoginToken() + } + if username != "" && password != "" { s, err := ctx.Server.Sessions.Put(username, password) if err != nil { @@ -170,18 +176,30 @@ func handleLogin(ctx *alps.Context) error { } ctx.SetSession(s) + if remember == "on" { + ctx.SetLoginToken(username, password) + } + if path := ctx.QueryParam("next"); path != "" && path[0] == '/' && path != "/login" { return ctx.Redirect(http.StatusFound, path) } return ctx.Redirect(http.StatusFound, "/mailbox/INBOX") } - return ctx.Render(http.StatusOK, "login.html", alps.NewBaseRenderData(ctx)) + return ctx.Render(http.StatusOK, "login.html", + &struct { + alps.BaseRenderData + CanRememberMe bool + }{ + BaseRenderData: *alps.NewBaseRenderData(ctx), + CanRememberMe: ctx.Server.Options.LoginKey != nil, + }) } func handleLogout(ctx *alps.Context) error { ctx.Session.Close() ctx.SetSession(nil) + ctx.SetLoginToken("", "") return ctx.Redirect(http.StatusFound, "/login") } -- cgit v1.2.3