2012-12-19 08:20:55 +00:00
|
|
|
package beego
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
2013-07-08 08:17:08 +00:00
|
|
|
"crypto/hmac"
|
2013-12-12 14:25:08 +00:00
|
|
|
"crypto/rand"
|
2013-07-08 08:17:08 +00:00
|
|
|
"crypto/sha1"
|
|
|
|
"encoding/base64"
|
2013-04-21 03:28:20 +00:00
|
|
|
"errors"
|
2013-07-08 08:17:08 +00:00
|
|
|
"fmt"
|
2012-12-19 08:20:55 +00:00
|
|
|
"html/template"
|
2013-04-16 10:20:55 +00:00
|
|
|
"io"
|
2012-12-19 08:20:55 +00:00
|
|
|
"io/ioutil"
|
2013-04-09 15:33:48 +00:00
|
|
|
"mime/multipart"
|
2012-12-19 08:20:55 +00:00
|
|
|
"net/http"
|
|
|
|
"net/url"
|
2013-04-16 10:20:55 +00:00
|
|
|
"os"
|
2013-11-10 15:05:07 +00:00
|
|
|
"reflect"
|
2012-12-19 08:20:55 +00:00
|
|
|
"strconv"
|
2013-04-09 16:24:28 +00:00
|
|
|
"strings"
|
2013-07-08 08:17:08 +00:00
|
|
|
"time"
|
2013-12-03 13:37:39 +00:00
|
|
|
|
|
|
|
"github.com/astaxie/beego/context"
|
|
|
|
"github.com/astaxie/beego/session"
|
2012-12-19 08:20:55 +00:00
|
|
|
)
|
|
|
|
|
2013-12-17 00:53:15 +00:00
|
|
|
var (
|
2013-12-20 13:16:26 +00:00
|
|
|
// custom error when user stop request handler manually.
|
2013-12-17 00:53:15 +00:00
|
|
|
USERSTOPRUN = errors.New("User stop run")
|
|
|
|
)
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Controller defines some basic http request handler operations, such as
|
|
|
|
// http context, template and view, session and xsrf.
|
2012-12-19 08:20:55 +00:00
|
|
|
type Controller struct {
|
2013-12-17 03:19:18 +00:00
|
|
|
Ctx *context.Context
|
|
|
|
Data map[interface{}]interface{}
|
|
|
|
controllerName string
|
|
|
|
actionName string
|
|
|
|
TplNames string
|
|
|
|
Layout string
|
|
|
|
TplExt string
|
|
|
|
_xsrf_token string
|
|
|
|
gotofunc string
|
|
|
|
CruSession session.SessionStore
|
|
|
|
XSRFExpire int
|
|
|
|
AppController interface{}
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// ControllerInterface is an interface to uniform all controller handler.
|
2012-12-19 08:20:55 +00:00
|
|
|
type ControllerInterface interface {
|
2013-12-17 03:19:18 +00:00
|
|
|
Init(ct *context.Context, controllerName, actionName string, app interface{})
|
2012-12-19 08:20:55 +00:00
|
|
|
Prepare()
|
|
|
|
Get()
|
|
|
|
Post()
|
|
|
|
Delete()
|
|
|
|
Put()
|
|
|
|
Head()
|
|
|
|
Patch()
|
|
|
|
Options()
|
|
|
|
Finish()
|
|
|
|
Render() error
|
2013-12-18 13:32:25 +00:00
|
|
|
XsrfToken() string
|
|
|
|
CheckXsrfCookie() bool
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Init generates default values of controller operations.
|
2013-12-17 03:19:18 +00:00
|
|
|
func (c *Controller) Init(ctx *context.Context, controllerName, actionName string, app interface{}) {
|
2012-12-19 08:20:55 +00:00
|
|
|
c.Data = make(map[interface{}]interface{})
|
|
|
|
c.Layout = ""
|
|
|
|
c.TplNames = ""
|
2013-12-17 03:19:18 +00:00
|
|
|
c.controllerName = controllerName
|
|
|
|
c.actionName = actionName
|
2012-12-19 08:20:55 +00:00
|
|
|
c.Ctx = ctx
|
|
|
|
c.TplExt = "tpl"
|
2013-09-28 15:30:36 +00:00
|
|
|
c.AppController = app
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Prepare runs after Init before request function execution.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Prepare() {
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Finish runs after request function execution.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Finish() {
|
2013-05-08 05:56:48 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Get adds a request function to handle GET request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Get() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Post adds a request function to handle POST request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Post() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Delete adds a request function to handle DELETE request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Delete() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Put adds a request function to handle PUT request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Put() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Head adds a request function to handle HEAD request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Head() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Patch adds a request function to handle PATCH request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Patch() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Options adds a request function to handle OPTIONS request.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Options() {
|
|
|
|
http.Error(c.Ctx.ResponseWriter, "Method Not Allowed", 405)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Render sends the response with rendered template bytes as text/html type.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Render() error {
|
2013-03-14 13:17:37 +00:00
|
|
|
rb, err := c.RenderBytes()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
} else {
|
2013-09-09 16:00:11 +00:00
|
|
|
c.Ctx.Output.Header("Content-Type", "text/html; charset=utf-8")
|
|
|
|
c.Ctx.Output.Body(rb)
|
2013-03-14 13:17:37 +00:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// RenderString returns the rendered template string. Do not send out response.
|
2013-04-03 15:37:59 +00:00
|
|
|
func (c *Controller) RenderString() (string, error) {
|
|
|
|
b, e := c.RenderBytes()
|
|
|
|
return string(b), e
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// RenderBytes returns the bytes of renderd tempate string. Do not send out response.
|
2013-03-14 13:17:37 +00:00
|
|
|
func (c *Controller) RenderBytes() ([]byte, error) {
|
2012-12-19 08:20:55 +00:00
|
|
|
//if the controller has set layout, then first get the tplname's content set the content to the layout
|
|
|
|
if c.Layout != "" {
|
|
|
|
if c.TplNames == "" {
|
2013-12-20 14:35:16 +00:00
|
|
|
c.TplNames = strings.ToLower(c.controllerName) + "/" + strings.ToLower(c.actionName) + "." + c.TplExt
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
2013-04-02 15:57:15 +00:00
|
|
|
if RunMode == "dev" {
|
2013-04-03 15:37:59 +00:00
|
|
|
BuildTemplate(ViewsPath)
|
2013-04-02 15:57:15 +00:00
|
|
|
}
|
2012-12-19 08:20:55 +00:00
|
|
|
newbytes := bytes.NewBufferString("")
|
2013-09-12 09:20:32 +00:00
|
|
|
if _, ok := BeeTemplates[c.TplNames]; !ok {
|
2013-12-20 14:35:16 +00:00
|
|
|
panic("can't find templatefile in the path:" + c.TplNames)
|
|
|
|
return []byte{}, errors.New("can't find templatefile in the path:" + c.TplNames)
|
2013-04-21 03:28:20 +00:00
|
|
|
}
|
2013-09-12 09:20:32 +00:00
|
|
|
err := BeeTemplates[c.TplNames].ExecuteTemplate(newbytes, c.TplNames, c.Data)
|
2013-09-12 05:44:12 +00:00
|
|
|
if err != nil {
|
2013-09-12 07:24:08 +00:00
|
|
|
Trace("template Execute err:", err)
|
2013-12-15 18:17:27 +00:00
|
|
|
return nil, err
|
2013-09-12 05:44:12 +00:00
|
|
|
}
|
2012-12-19 08:20:55 +00:00
|
|
|
tplcontent, _ := ioutil.ReadAll(newbytes)
|
|
|
|
c.Data["LayoutContent"] = template.HTML(string(tplcontent))
|
2013-03-14 13:17:37 +00:00
|
|
|
ibytes := bytes.NewBufferString("")
|
2013-09-12 09:20:32 +00:00
|
|
|
err = BeeTemplates[c.Layout].ExecuteTemplate(ibytes, c.Layout, c.Data)
|
2012-12-19 08:20:55 +00:00
|
|
|
if err != nil {
|
|
|
|
Trace("template Execute err:", err)
|
2013-12-15 18:17:27 +00:00
|
|
|
return nil, err
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
2013-03-14 13:17:37 +00:00
|
|
|
icontent, _ := ioutil.ReadAll(ibytes)
|
|
|
|
return icontent, nil
|
2012-12-19 08:20:55 +00:00
|
|
|
} else {
|
|
|
|
if c.TplNames == "" {
|
2013-12-20 14:35:16 +00:00
|
|
|
c.TplNames = strings.ToLower(c.controllerName) + "/" + strings.ToLower(c.actionName) + "." + c.TplExt
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
2013-04-02 15:57:15 +00:00
|
|
|
if RunMode == "dev" {
|
2013-04-03 15:37:59 +00:00
|
|
|
BuildTemplate(ViewsPath)
|
2013-04-02 15:57:15 +00:00
|
|
|
}
|
2013-03-14 13:17:37 +00:00
|
|
|
ibytes := bytes.NewBufferString("")
|
2013-09-12 09:20:32 +00:00
|
|
|
if _, ok := BeeTemplates[c.TplNames]; !ok {
|
2013-12-20 14:35:16 +00:00
|
|
|
panic("can't find templatefile in the path:" + c.TplNames)
|
|
|
|
return []byte{}, errors.New("can't find templatefile in the path:" + c.TplNames)
|
2013-04-21 03:28:20 +00:00
|
|
|
}
|
2013-09-12 09:20:32 +00:00
|
|
|
err := BeeTemplates[c.TplNames].ExecuteTemplate(ibytes, c.TplNames, c.Data)
|
2012-12-19 08:20:55 +00:00
|
|
|
if err != nil {
|
2013-09-12 09:20:32 +00:00
|
|
|
Trace("template Execute err:", err)
|
2013-12-15 18:17:27 +00:00
|
|
|
return nil, err
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
2013-03-14 13:17:37 +00:00
|
|
|
icontent, _ := ioutil.ReadAll(ibytes)
|
|
|
|
return icontent, nil
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
2013-03-14 13:17:37 +00:00
|
|
|
return []byte{}, nil
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Redirect sends the redirection response to url with status code.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Redirect(url string, code int) {
|
|
|
|
c.Ctx.Redirect(code, url)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Aborts stops controller handler and show the error data if code is defined in ErrorMap or code string.
|
2013-05-06 16:17:25 +00:00
|
|
|
func (c *Controller) Abort(code string) {
|
2013-12-16 14:54:29 +00:00
|
|
|
status, err := strconv.Atoi(code)
|
|
|
|
if err == nil {
|
|
|
|
c.Ctx.Abort(status, code)
|
|
|
|
} else {
|
|
|
|
c.Ctx.Abort(200, code)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// StopRun makes panic of USERSTOPRUN error and go to recover function if defined.
|
2013-12-16 14:54:29 +00:00
|
|
|
func (c *Controller) StopRun() {
|
2013-12-17 00:53:15 +00:00
|
|
|
panic(USERSTOPRUN)
|
2013-05-06 16:17:25 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// UrlFor does another controller handler in this request function.
|
|
|
|
// it goes to this controller method if endpoint is not clear.
|
2013-11-10 15:05:07 +00:00
|
|
|
func (c *Controller) UrlFor(endpoint string, values ...string) string {
|
|
|
|
if len(endpoint) <= 0 {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
if endpoint[0] == '.' {
|
2013-12-20 14:35:16 +00:00
|
|
|
return UrlFor(reflect.Indirect(reflect.ValueOf(c.AppController)).Type().Name()+endpoint, values...)
|
2013-11-10 15:05:07 +00:00
|
|
|
} else {
|
|
|
|
return UrlFor(endpoint, values...)
|
|
|
|
}
|
2013-12-20 13:16:26 +00:00
|
|
|
return ""
|
2013-11-10 15:05:07 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// ServeJson sends a json response with encoding charset.
|
2013-08-06 08:37:41 +00:00
|
|
|
func (c *Controller) ServeJson(encoding ...bool) {
|
2013-09-09 16:00:11 +00:00
|
|
|
var hasIndent bool
|
|
|
|
var hasencoding bool
|
2013-08-16 07:49:16 +00:00
|
|
|
if RunMode == "prod" {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = false
|
2013-08-16 07:49:16 +00:00
|
|
|
} else {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = true
|
2013-08-16 07:49:16 +00:00
|
|
|
}
|
2013-08-06 08:37:41 +00:00
|
|
|
if len(encoding) > 0 && encoding[0] == true {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasencoding = true
|
2013-08-06 08:37:41 +00:00
|
|
|
}
|
2013-09-09 16:00:11 +00:00
|
|
|
c.Ctx.Output.Json(c.Data["json"], hasIndent, hasencoding)
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-22 07:09:33 +00:00
|
|
|
// ServeJsonp sends a jsonp response.
|
2013-06-13 09:10:35 +00:00
|
|
|
func (c *Controller) ServeJsonp() {
|
2013-09-09 16:00:11 +00:00
|
|
|
var hasIndent bool
|
2013-08-16 07:49:16 +00:00
|
|
|
if RunMode == "prod" {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = false
|
2013-08-16 07:49:16 +00:00
|
|
|
} else {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = true
|
2013-06-13 09:10:35 +00:00
|
|
|
}
|
2013-09-09 16:00:11 +00:00
|
|
|
c.Ctx.Output.Jsonp(c.Data["jsonp"], hasIndent)
|
2013-06-13 09:10:35 +00:00
|
|
|
}
|
|
|
|
|
2013-12-22 07:09:33 +00:00
|
|
|
// ServeXml sends xml response.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) ServeXml() {
|
2013-09-09 16:00:11 +00:00
|
|
|
var hasIndent bool
|
2013-08-16 07:49:16 +00:00
|
|
|
if RunMode == "prod" {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = false
|
2013-08-16 07:49:16 +00:00
|
|
|
} else {
|
2013-09-09 16:00:11 +00:00
|
|
|
hasIndent = true
|
2013-08-16 07:49:16 +00:00
|
|
|
}
|
2013-09-09 16:00:11 +00:00
|
|
|
c.Ctx.Output.Xml(c.Data["xml"], hasIndent)
|
2012-12-19 08:20:55 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// Input returns the input data map from POST or PUT request body and query string.
|
2012-12-19 08:20:55 +00:00
|
|
|
func (c *Controller) Input() url.Values {
|
2013-04-09 13:49:17 +00:00
|
|
|
ct := c.Ctx.Request.Header.Get("Content-Type")
|
2013-04-09 16:24:28 +00:00
|
|
|
if strings.Contains(ct, "multipart/form-data") {
|
2013-04-09 13:49:17 +00:00
|
|
|
c.Ctx.Request.ParseMultipartForm(MaxMemory) //64MB
|
|
|
|
} else {
|
|
|
|
c.Ctx.Request.ParseForm()
|
|
|
|
}
|
2012-12-19 08:20:55 +00:00
|
|
|
return c.Ctx.Request.Form
|
|
|
|
}
|
2013-01-01 15:11:15 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// ParseForm maps input data map to obj struct.
|
2013-07-25 14:26:31 +00:00
|
|
|
func (c *Controller) ParseForm(obj interface{}) error {
|
|
|
|
return ParseForm(c.Input(), obj)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetString returns the input value by key string.
|
2013-04-09 13:49:17 +00:00
|
|
|
func (c *Controller) GetString(key string) string {
|
|
|
|
return c.Input().Get(key)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetStrings returns the input string slice by key string.
|
|
|
|
// it's designed for multi-value input field such as checkbox(input[type=checkbox]), multi-selection.
|
2013-06-17 07:12:35 +00:00
|
|
|
func (c *Controller) GetStrings(key string) []string {
|
2013-07-02 01:45:12 +00:00
|
|
|
r := c.Ctx.Request
|
|
|
|
if r.Form == nil {
|
2013-06-17 07:12:35 +00:00
|
|
|
return []string{}
|
|
|
|
}
|
2013-07-02 01:45:12 +00:00
|
|
|
vs := r.Form[key]
|
|
|
|
if len(vs) > 0 {
|
|
|
|
return vs
|
|
|
|
}
|
|
|
|
return []string{}
|
2013-06-17 07:12:35 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetInt returns input value as int64.
|
2013-04-09 13:49:17 +00:00
|
|
|
func (c *Controller) GetInt(key string) (int64, error) {
|
|
|
|
return strconv.ParseInt(c.Input().Get(key), 10, 64)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetBool returns input value as bool.
|
2013-04-09 13:49:17 +00:00
|
|
|
func (c *Controller) GetBool(key string) (bool, error) {
|
|
|
|
return strconv.ParseBool(c.Input().Get(key))
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetFloat returns input value as float64.
|
2013-09-09 16:00:11 +00:00
|
|
|
func (c *Controller) GetFloat(key string) (float64, error) {
|
|
|
|
return strconv.ParseFloat(c.Input().Get(key), 64)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetFile returns the file data in file upload field named as key.
|
|
|
|
// it returns the first one of multi-uploaded files.
|
2013-04-09 15:33:48 +00:00
|
|
|
func (c *Controller) GetFile(key string) (multipart.File, *multipart.FileHeader, error) {
|
|
|
|
return c.Ctx.Request.FormFile(key)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// SaveToFile saves uploaded file to new path.
|
|
|
|
// it only operates the first one of mutil-upload form file field.
|
2013-04-16 10:20:55 +00:00
|
|
|
func (c *Controller) SaveToFile(fromfile, tofile string) error {
|
|
|
|
file, _, err := c.Ctx.Request.FormFile(fromfile)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer file.Close()
|
2013-12-20 14:35:16 +00:00
|
|
|
f, err := os.OpenFile(tofile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0666)
|
2013-04-16 10:20:55 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
io.Copy(f, file)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// StartSession starts session and load old session data info this controller.
|
2013-05-07 07:36:43 +00:00
|
|
|
func (c *Controller) StartSession() session.SessionStore {
|
|
|
|
if c.CruSession == nil {
|
2013-09-22 03:43:22 +00:00
|
|
|
c.CruSession = c.Ctx.Input.CruSession
|
2013-05-07 07:36:43 +00:00
|
|
|
}
|
|
|
|
return c.CruSession
|
2013-01-01 15:11:15 +00:00
|
|
|
}
|
2013-04-05 15:50:53 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// SetSession puts value into session.
|
2013-05-13 15:30:50 +00:00
|
|
|
func (c *Controller) SetSession(name interface{}, value interface{}) {
|
2013-05-07 07:36:43 +00:00
|
|
|
if c.CruSession == nil {
|
|
|
|
c.StartSession()
|
|
|
|
}
|
|
|
|
c.CruSession.Set(name, value)
|
2013-04-05 15:50:53 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetSession gets value from session.
|
2013-05-13 15:30:50 +00:00
|
|
|
func (c *Controller) GetSession(name interface{}) interface{} {
|
2013-05-07 07:36:43 +00:00
|
|
|
if c.CruSession == nil {
|
|
|
|
c.StartSession()
|
|
|
|
}
|
|
|
|
return c.CruSession.Get(name)
|
2013-04-05 15:50:53 +00:00
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// SetSession removes value from session.
|
2013-05-13 15:30:50 +00:00
|
|
|
func (c *Controller) DelSession(name interface{}) {
|
2013-05-07 07:36:43 +00:00
|
|
|
if c.CruSession == nil {
|
|
|
|
c.StartSession()
|
|
|
|
}
|
|
|
|
c.CruSession.Delete(name)
|
2013-04-05 15:50:53 +00:00
|
|
|
}
|
2013-07-02 01:45:12 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// SessionRegenerateID regenerates session id for this session.
|
|
|
|
// the session data have no changes.
|
2013-11-05 14:07:09 +00:00
|
|
|
func (c *Controller) SessionRegenerateID() {
|
|
|
|
c.CruSession = GlobalSessions.SessionRegenerateId(c.Ctx.ResponseWriter, c.Ctx.Request)
|
|
|
|
c.Ctx.Input.CruSession = c.CruSession
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// DestroySession cleans session data and session cookie.
|
2013-08-10 15:58:25 +00:00
|
|
|
func (c *Controller) DestroySession() {
|
|
|
|
GlobalSessions.SessionDestroy(c.Ctx.ResponseWriter, c.Ctx.Request)
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// IsAjax returns this request is ajax or not.
|
2013-07-02 01:45:12 +00:00
|
|
|
func (c *Controller) IsAjax() bool {
|
2013-09-09 16:00:11 +00:00
|
|
|
return c.Ctx.Input.IsAjax()
|
2013-07-02 01:45:12 +00:00
|
|
|
}
|
2013-07-08 08:17:08 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetSecureCookie returns decoded cookie value from encoded browser cookie values.
|
2013-09-25 15:05:47 +00:00
|
|
|
func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
|
|
|
|
val := c.Ctx.GetCookie(key)
|
|
|
|
if val == "" {
|
|
|
|
return "", false
|
|
|
|
}
|
|
|
|
|
|
|
|
parts := strings.SplitN(val, "|", 3)
|
|
|
|
|
2013-09-26 13:06:37 +00:00
|
|
|
if len(parts) != 3 {
|
|
|
|
return "", false
|
|
|
|
}
|
|
|
|
|
2013-09-25 15:05:47 +00:00
|
|
|
vs := parts[0]
|
|
|
|
timestamp := parts[1]
|
|
|
|
sig := parts[2]
|
|
|
|
|
|
|
|
h := hmac.New(sha1.New, []byte(Secret))
|
|
|
|
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
|
|
|
|
|
|
|
if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
|
|
|
|
return "", false
|
|
|
|
}
|
2013-09-28 13:36:36 +00:00
|
|
|
res, _ := base64.URLEncoding.DecodeString(vs)
|
2013-09-25 15:05:47 +00:00
|
|
|
return string(res), true
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// SetSecureCookie puts value into cookie after encoded the value.
|
2013-09-28 13:36:36 +00:00
|
|
|
func (c *Controller) SetSecureCookie(Secret, name, val string, age int64) {
|
2013-09-25 15:05:47 +00:00
|
|
|
vs := base64.URLEncoding.EncodeToString([]byte(val))
|
|
|
|
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
|
|
|
|
h := hmac.New(sha1.New, []byte(Secret))
|
|
|
|
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
|
|
|
sig := fmt.Sprintf("%02x", h.Sum(nil))
|
|
|
|
cookie := strings.Join([]string{vs, timestamp, sig}, "|")
|
|
|
|
c.Ctx.SetCookie(name, cookie, age, "/")
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// XsrfToken creates a xsrf token string and returns.
|
2013-07-08 08:17:08 +00:00
|
|
|
func (c *Controller) XsrfToken() string {
|
|
|
|
if c._xsrf_token == "" {
|
2013-09-25 15:05:47 +00:00
|
|
|
token, ok := c.GetSecureCookie(XSRFKEY, "_xsrf")
|
|
|
|
if !ok {
|
2013-09-28 13:36:36 +00:00
|
|
|
var expire int64
|
2013-08-07 03:22:23 +00:00
|
|
|
if c.XSRFExpire > 0 {
|
2013-09-28 13:36:36 +00:00
|
|
|
expire = int64(c.XSRFExpire)
|
2013-08-07 03:22:23 +00:00
|
|
|
} else {
|
2013-09-28 13:36:36 +00:00
|
|
|
expire = int64(XSRFExpire)
|
2013-08-07 03:22:23 +00:00
|
|
|
}
|
2013-12-12 14:25:08 +00:00
|
|
|
token = getRandomString(15)
|
2013-09-25 15:05:47 +00:00
|
|
|
c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire)
|
2013-07-08 08:17:08 +00:00
|
|
|
}
|
|
|
|
c._xsrf_token = token
|
|
|
|
}
|
|
|
|
return c._xsrf_token
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// CheckXsrfCookie checks xsrf token in this request is valid or not.
|
|
|
|
// the token can provided in request header "X-Xsrftoken" and "X-CsrfToken"
|
|
|
|
// or in form field value named as "_xsrf".
|
2013-07-08 08:17:08 +00:00
|
|
|
func (c *Controller) CheckXsrfCookie() bool {
|
|
|
|
token := c.GetString("_xsrf")
|
|
|
|
if token == "" {
|
|
|
|
token = c.Ctx.Request.Header.Get("X-Xsrftoken")
|
|
|
|
}
|
|
|
|
if token == "" {
|
|
|
|
token = c.Ctx.Request.Header.Get("X-Csrftoken")
|
|
|
|
}
|
|
|
|
if token == "" {
|
|
|
|
c.Ctx.Abort(403, "'_xsrf' argument missing from POST")
|
2013-09-22 06:35:01 +00:00
|
|
|
} else if c._xsrf_token != token {
|
2013-07-08 08:17:08 +00:00
|
|
|
c.Ctx.Abort(403, "XSRF cookie does not match POST argument")
|
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// XsrfFormHtml writes an input field contains xsrf token value.
|
2013-07-08 08:17:08 +00:00
|
|
|
func (c *Controller) XsrfFormHtml() string {
|
|
|
|
return "<input type=\"hidden\" name=\"_xsrf\" value=\"" +
|
2013-12-20 14:35:16 +00:00
|
|
|
c._xsrf_token + "\"/>"
|
2013-07-08 08:17:08 +00:00
|
|
|
}
|
2013-07-08 09:35:09 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// GetControllerAndAction gets the executing controller name and action name.
|
2013-12-17 12:39:25 +00:00
|
|
|
func (c *Controller) GetControllerAndAction() (controllerName, actionName string) {
|
|
|
|
return c.controllerName, c.actionName
|
2013-07-08 09:35:09 +00:00
|
|
|
}
|
2013-12-12 14:25:08 +00:00
|
|
|
|
2013-12-20 13:16:26 +00:00
|
|
|
// getRandomString returns random string.
|
2013-12-12 14:25:08 +00:00
|
|
|
func getRandomString(n int) string {
|
|
|
|
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
|
|
var bytes = make([]byte, n)
|
|
|
|
rand.Read(bytes)
|
|
|
|
for i, b := range bytes {
|
|
|
|
bytes[i] = alphanum[b%byte(len(alphanum))]
|
|
|
|
}
|
|
|
|
return string(bytes)
|
|
|
|
}
|