auth
159:cf6c1f05eb21
Go to Latest
auth/authd/templates/simple.gotmpl
Enable terminating sessions through the API.
Add a terminateSession method to the sessionStore that sets the Active property
of the Session to false.
Create a Context.TerminateSession wrapper for the terminateSession method on the
sessionStore.
Add a Sessions property to our response type so we can return a []Session in API
responses.
Use the URL-safe encoding when base64 encoding our session ID and CSRFToken, so
the ID can be passed in the URL and so our encodings are consistent.
Add a TerminateSessionHandler function that will extract a Session ID from the
request URL, authenticate the user, check that the authenticated user owns the
session in question, and terminate the session.
Add implementations for our new terminateSession method for the memstore and
postgres types.
Test both the memstore and postgres implementation of our terminateSession
helper in session_test.go.
1 {{ define "login" }}<html>
6 <h1>Please log into your account</h1>{{ if .errors }}
8 <ul>{{ range .errors }}
10 </ul>{{ end }}{{ end }}
12 <p>Username: <input type="text" name="login"></p>
13 <p>Password: <input type="password" name="passphrase"></p>
14 <p><input type="submit"></p>
19 {{ define "get_grant" }}<html>
21 <title>Grant access</title>
25 <p>{{ .error }}</p>{{ end }}{{ if .internal_error }}
27 <p>{{ .internal_error }}</p>{{ end }}{{ if not .error }}{{ if not .internal_error }}<h1>Grant access</h1>
28 <p>{{ .client.Name }} is requesting access to your account. if you grant it, you'll be redirected to {{ .redirectURL }}.{{ if .scopes }} Their access will be limited to:</p>
29 <ul>{{ range .scopes }}
30 <li>{{ .Name }}{{ if .Description }}: {{ .Description }}{{ end }}</li>{{ end }}
32 <p>You are granting access for {{ .profile.Name }}.</p>{{ end }}{{ end }}
34 <input type="submit" name="grant" value="approved">
35 <input type="hidden" name="csrftoken" value="{{ .csrftoken }}">