code.gitea.io/gitea@v1.22.3/services/auth/session.go (about) 1 // Copyright 2019 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package auth 5 6 import ( 7 "net/http" 8 9 user_model "code.gitea.io/gitea/models/user" 10 "code.gitea.io/gitea/modules/log" 11 ) 12 13 // Ensure the struct implements the interface. 14 var ( 15 _ Method = &Session{} 16 ) 17 18 // Session checks if there is a user uid stored in the session and returns the user 19 // object for that uid. 20 type Session struct{} 21 22 // Name represents the name of auth method 23 func (s *Session) Name() string { 24 return "session" 25 } 26 27 // Verify checks if there is a user uid stored in the session and returns the user 28 // object for that uid. 29 // Returns nil if there is no user uid stored in the session. 30 func (s *Session) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) { 31 if sess == nil { 32 return nil, nil 33 } 34 35 // Get user ID 36 uid := sess.Get("uid") 37 if uid == nil { 38 return nil, nil 39 } 40 log.Trace("Session Authorization: Found user[%d]", uid) 41 42 id, ok := uid.(int64) 43 if !ok { 44 return nil, nil 45 } 46 47 // Get user object 48 user, err := user_model.GetUserByID(req.Context(), id) 49 if err != nil { 50 if !user_model.IsErrUserNotExist(err) { 51 log.Error("GetUserByID: %v", err) 52 // Return the err as-is to keep current signed-in session, in case the err is something like context.Canceled. Otherwise non-existing user (nil, nil) will make the caller clear the signed-in session. 53 return nil, err 54 } 55 return nil, nil 56 } 57 58 log.Trace("Session Authorization: Logged in user %-v", user) 59 return user, nil 60 }