github.com/EngineerKamesh/gofullstack@v0.0.0-20180609171605-d41341d7d4ee/volume3/section5/gopherface/middleware/gated.go (about) 1 package middleware 2 3 import ( 4 "fmt" 5 "log" 6 "net/http" 7 8 "github.com/EngineerKamesh/gofullstack/volume3/section5/gopherface/common/authenticate" 9 ) 10 11 func GatedContentHandler(next http.HandlerFunc) http.Handler { 12 13 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 14 15 shouldRedirectToLogin := false 16 17 secureCookieMap, err := authenticate.ReadSecureCookieValues(w, r) 18 if err != nil { 19 log.Print(err) 20 } 21 22 //fmt.Printf("secure cookie contents: %+v\n", secureCookieMap) 23 24 // Check if the sid key which is used to store the session id value 25 // has been populated in the map using the comma ok idiom 26 if _, ok := secureCookieMap["sid"]; ok == true { 27 28 gfSession, err := authenticate.SessionStore.Get(r, "gopherface-session") 29 30 fmt.Printf("gopherface session values: %+v\n", gfSession.Values) 31 if err != nil { 32 log.Print(err) 33 return 34 } 35 36 // Check if the session id stored in the secure cookie matches 37 // the id and username on the server-side session 38 if gfSession.Values["sessionID"] == secureCookieMap["sid"] && gfSession.Values["username"] == secureCookieMap["username"] { 39 next(w, r) 40 } else { 41 shouldRedirectToLogin = true 42 } 43 44 } else { 45 shouldRedirectToLogin = true 46 47 } 48 49 if shouldRedirectToLogin == true { 50 http.Redirect(w, r, "/login", 302) 51 } 52 53 }) 54 55 }