diff options
-rw-r--r-- | session_store.go | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/session_store.go b/session_store.go index 0d149c6..9566293 100644 --- a/session_store.go +++ b/session_store.go @@ -89,6 +89,8 @@ type SessionStoreElement struct { type SessionStore struct { store map[string]map[string]*SessionStoreElement + conf *Config + rddb *RdDbChan quit chan bool done chan bool newChan chan newSessionRequest @@ -109,7 +111,7 @@ func (self *SessionStore) new(ctx *ImportContext, refId string) (resp newSession resp.responsecode = http.StatusOK resp.errorstring = "OK" if !ctx.Trusted { - if ok, err := ctx.rddb.CheckPassword(ctx.UserName, ctx.Password); err != nil { + if ok, err := self.rddb.CheckPassword(ctx.UserName, ctx.Password); err != nil { resp.responsecode = http.StatusInternalServerError resp.errorstring = err.Error() return @@ -127,6 +129,8 @@ func (self *SessionStore) new(ctx *ImportContext, refId string) (resp newSession if _, exists := self.store[ctx.UserName]; !exists { self.store[ctx.UserName] = make(map[string]*SessionStoreElement) } + ctx.conf = self.conf + ctx.rddb = self.rddb s := &SessionStoreElement{NewSession(ctx, func() { self.GetInterface().Remove(ctx.UserName, resp.id) }), refId} self.store[ctx.UserName][resp.id] = s resp.session = self.store[ctx.UserName][resp.id].s.getInterface() @@ -151,18 +155,17 @@ func (self *SessionStore) get(user, id string) (resp getSessionResponse) { func (self *SessionStore) list(user, password string, trusted bool) (resp listSessionsResponse) { resp.responsecode = http.StatusOK resp.errorstring = "OK" - // TODO: enable this check as soon as the session store handles the rddb itself - // if !trusted { - // if ok, err := self.rddb.CheckPassword(user, password); err != nil { - // resp.responsecode = http.StatusInternalServerError - // resp.errorstring = err.Error() - // return - // } else if !ok { - // resp.responsecode = http.StatusUnauthorized - // resp.errorstring = "invalid username and/or password" - // return - // } - // } + if !trusted { + if ok, err := self.rddb.CheckPassword(user, password); err != nil { + resp.responsecode = http.StatusInternalServerError + resp.errorstring = err.Error() + return + } else if !ok { + resp.responsecode = http.StatusUnauthorized + resp.errorstring = "invalid username and/or password" + return + } + } resp.sessions = make(map[string]string) if sessions, exists := self.store[user]; exists { for id, e := range sessions { @@ -289,9 +292,10 @@ func (self *SessionStore) Cleanup() { close(self.removeChan) } -func NewSessionStore(conf *Config) (store *SessionStore, err error) { +func NewSessionStore(conf *Config, rddb *RdDbChan) (store *SessionStore, err error) { store = new(SessionStore) - + store.conf = conf + store.rddb = rddb store.quit = make(chan bool) store.done = make(chan bool) store.store = make(map[string]map[string]*SessionStoreElement) |