Start cookie implementation

Author: farazfazli

main.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"html/template"
 	"log"
+	"math/rand"
 	"net/http"
 	"time"
 
@@ -23,7 +24,14 @@ func init() {
 	defer db.Close()
 
 	db.Update(func(tx *bolt.Tx) error {
-		_, err := tx.CreateBucketIfNotExists([]byte("UsersBucket"))
+		_, err := tx.CreateBucketIfNotExists([]byte("UsersBucket")) // username -> password
+		if err != nil {
+			return fmt.Errorf("Error with UsersBucket: %s", err)
+		}
+		return nil
+	})
+	db.Update(func(tx *bolt.Tx) error {
+		_, err := tx.CreateBucketIfNotExists([]byte("CookieBucket")) // random string -> username
 		if err != nil {
 			return fmt.Errorf("Error with UsersBucket: %s", err)
 		}
@@ -54,8 +62,9 @@ func LoginHandler(w http.ResponseWriter, req *http.Request, p httprouter.Params)
 }
 
 func LogoutHandler(w http.ResponseWriter, req *http.Request, p httprouter.Params) {
-	delete := http.Cookie{Name: "goblog", Value: "blah", Expires: time.Now(), HttpOnly: true, Path: "/"}
+	delete := http.Cookie{Name: "goblog", Value: "delete", Expires: time.Now(), HttpOnly: true, Path: "/"}
 	http.SetCookie(w, &delete)
+	// Delete cookie from DB
 	http.Redirect(w, req, "/", http.StatusFound)
 }
 
@@ -119,7 +128,13 @@ func verifyUser(w http.ResponseWriter, r *http.Request, username string, passwor
 		return nil
 	})
 	if password == string(correctpass) {
-		cookie := http.Cookie{Name: "goblog", Value: "blah", Expires: time.Now().Add(time.Hour * 24 * 7 * 52), HttpOnly: true, MaxAge: 50000, Path: "/"}
+		cookie := http.Cookie{Name: "goblog", Value: RandomString(), Expires: time.Now().Add(time.Hour * 24 * 7 * 52), HttpOnly: true, MaxAge: 50000, Path: "/"}
+		db, err := bolt.Open("goblog.db", 0600, nil)
+		db.Update(func(tx *bolt.Tx) error {
+			b := tx.Bucket([]byte("CookieBucket"))
+			err := b.Put([]byte(cookie.Value), []byte(username))
+			return err
+		})
 		http.SetCookie(w, &cookie)
 		return true
 	}
@@ -149,21 +164,52 @@ func addUser(username string, password string) bool {
 	}
 }
 
+// http://stackoverflow.com/questions/22892120/how-to-generate-a-random-string-of-a-fixed-length-in-golang
+const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+const (
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+)
+
+var src = rand.NewSource(time.Now().UnixNano())
+
+func RandomString() string {
+	b := make([]byte, 20)
+	for i, cache, remain := 20-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+
+	return string(b)
+}
+
 func getUser(w http.ResponseWriter, r *http.Request) string {
 	cookie, err := r.Cookie("goblog")
-
+	servervalue := []byte("")
+	db, err := bolt.Open("goblog.db", 0600, nil)
+	db.View(func(tx *bolt.Tx) error {
+		b := tx.Bucket([]byte("CookieBucket"))
+		servervalue = b.Get([]byte(cookie.Value))
+		return nil
+	})
 	if err == nil {
-		if cookie.Value != "" {
-			return cookieToUsername(cookie.Value)
+		if len(servervalue) > 2 {
+			if cookie.Value != "delete" {
+				return string(servervalue)
+			}
 		}
 	}
 	return ""
 }
 
-func cookieToUsername(cookie string) string {
-	return "[email protected]"
-}
-
 func main() {
 	router := httprouter.New()
 	router.GET("/", MainPage)
@@ -173,5 +219,6 @@ func main() {
 	router.POST("/signup/", SignupHandler)
 	router.GET("/admin/", AdminPage)
 	router.GET("/logout/", LogoutHandler)
+	router.GET("/new/:email/:password", SignupHandler) // <- for testing
 	log.Fatal(http.ListenAndServe(":1337", router))
 }