HTTP Session expire validate

This commit is contained in:
Liang Ding 2014-11-26 13:49:27 +08:00
parent 61ef48147b
commit 3586ee1c73
6 changed files with 62 additions and 5 deletions

View File

@ -38,6 +38,12 @@ import (
// WSHandler handles request of creating editor channel. // WSHandler handles request of creating editor channel.
func WSHandler(w http.ResponseWriter, r *http.Request) { func WSHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
sid := httpSession.Values["id"].(string) sid := httpSession.Values["id"].(string)
conn, _ := websocket.Upgrade(w, r, nil, 1024, 1024) conn, _ := websocket.Upgrade(w, r, nil, 1024, 1024)
@ -102,6 +108,11 @@ func AutocompleteHandler(w http.ResponseWriter, r *http.Request) {
} }
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
path := args["path"].(string) path := args["path"].(string)
@ -244,6 +255,11 @@ func FindDeclarationHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
var args map[string]interface{} var args map[string]interface{}
@ -323,6 +339,11 @@ func FindUsagesHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
var args map[string]interface{} var args map[string]interface{}

View File

@ -36,6 +36,11 @@ func GoFmtHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
var args map[string]interface{} var args map[string]interface{}

View File

@ -72,8 +72,13 @@ func GetFiles(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
userWorkspace := conf.Wide.GetUserWorkspace(username) userWorkspace := conf.Wide.GetUserWorkspace(username)
workspaces := filepath.SplitList(userWorkspace) workspaces := filepath.SplitList(userWorkspace)
@ -341,7 +346,13 @@ func Find(w http.ResponseWriter, r *http.Request) {
name := args["name"].(string) name := args["name"].(string)
session, _ := session.HTTPSession.Get(r, "wide-session") session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := session.Values["username"].(string) username := session.Values["username"].(string)
userWorkspace := conf.Wide.GetUserWorkspace(username) userWorkspace := conf.Wide.GetUserWorkspace(username)
workspaces := filepath.SplitList(userWorkspace) workspaces := filepath.SplitList(userWorkspace)

View File

@ -81,7 +81,6 @@ func init() {
// indexHandler handles request of Wide index. // indexHandler handles request of Wide index.
func indexHandler(w http.ResponseWriter, r *http.Request) { func indexHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew { if httpSession.IsNew {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)
@ -138,7 +137,6 @@ func serveSingle(pattern string, filename string) {
// startHandler handles request of start page. // startHandler handles request of start page.
func startHandler(w http.ResponseWriter, r *http.Request) { func startHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew { if httpSession.IsNew {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)
@ -176,7 +174,6 @@ func startHandler(w http.ResponseWriter, r *http.Request) {
// keyboardShortcutsHandler handles request of keyboard shortcuts page. // keyboardShortcutsHandler handles request of keyboard shortcuts page.
func keyboardShortcutsHandler(w http.ResponseWriter, r *http.Request) { func keyboardShortcutsHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew { if httpSession.IsNew {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)
@ -206,7 +203,6 @@ func keyboardShortcutsHandler(w http.ResponseWriter, r *http.Request) {
// aboutHandle handles request of about page. // aboutHandle handles request of about page.
func aboutHandler(w http.ResponseWriter, r *http.Request) { func aboutHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew { if httpSession.IsNew {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)

View File

@ -254,6 +254,11 @@ func BuildHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string) username := httpSession.Values["username"].(string)
locale := conf.Wide.GetUser(username).Locale locale := conf.Wide.GetUser(username).Locale
@ -456,6 +461,11 @@ func GoTestHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string) username := httpSession.Values["username"].(string)
locale := conf.Wide.GetUser(username).Locale locale := conf.Wide.GetUser(username).Locale
@ -569,6 +579,11 @@ func GoInstallHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string) username := httpSession.Values["username"].(string)
locale := conf.Wide.GetUser(username).Locale locale := conf.Wide.GetUser(username).Locale
@ -729,6 +744,11 @@ func GoGetHandler(w http.ResponseWriter, r *http.Request) {
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string) username := httpSession.Values["username"].(string)
locale := conf.Wide.GetUser(username).Locale locale := conf.Wide.GetUser(username).Locale

View File

@ -42,7 +42,6 @@ var ShellWS = map[string]*util.WSChannel{}
// IndexHandler handles request of Shell index. // IndexHandler handles request of Shell index.
func IndexHandler(w http.ResponseWriter, r *http.Request) { func IndexHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew { if httpSession.IsNew {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)
@ -82,6 +81,11 @@ func IndexHandler(w http.ResponseWriter, r *http.Request) {
// WSHandler handles request of creating Shell channel. // WSHandler handles request of creating Shell channel.
func WSHandler(w http.ResponseWriter, r *http.Request) { func WSHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session") httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string) username := httpSession.Values["username"].(string)
sid := r.URL.Query()["sid"][0] sid := r.URL.Query()["sid"][0]