diff --git a/auth/auth.go b/auth/auth.go
index 72d11d04..bb3dc978 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -20,13 +20,12 @@ func init() {
 var Store = sessions.NewCookieStore(
 []byte(securecookie.GenerateRandomKey(64)), //Signing key
- []byte(securecookie.GenerateRandomKey(64)), //Encryption key
-)
+ []byte(securecookie.GenerateRandomKey(32)))
 // CheckLogin attempts to request a SQL record with the given username.
 // If successful, it then compares the received bcrypt hash.
 // If all checks pass, this function sets the session id for later use.
-func CheckLogin(r *http.Request) (bool, error) {
+func Login(r *http.Request) (bool, error) {
 username, password := r.FormValue("username"), r.FormValue("password")
 session, _ := Store.Get(r, "gophish")
 stmt, err := db.Conn.Prepare("SELECT * FROM Users WHERE username=?")
diff --git a/controllers/route.go b/controllers/route.go
index 21b08a2a..9422cbb8 100644
--- a/controllers/route.go
+++ b/controllers/route.go
@@ -123,7 +123,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
 if err := r.ParseForm(); err != nil {
 http.Error(w, "Error parsing request", http.StatusInternalServerError)
 }
- succ, err := auth.CheckLogin(r)
+ succ, err := auth.Login(r)
 if err != nil {
 http.Error(w, "Error logging in", http.StatusInternalServerError)
 }
diff --git a/middleware/middleware.go b/middleware/middleware.go
index 346891c6..ca45dfb7 100644
--- a/middleware/middleware.go
+++ b/middleware/middleware.go
@@ -27,8 +27,6 @@ func GetContext(handler http.Handler) http.HandlerFunc {
 ctx.Set(r, "user", nil)
 }
 handler.ServeHTTP(w, r)
- // Save the session
- session.Save(r, w)
 // Remove context contents
 ctx.Clear(r)
 }
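Review bot: In the auth/auth.go hunk, the result of `securecookie.GenerateRandomKey` goes straight into `sessions.NewCookieStore` on the added line with no nil check. As far as I know, gorilla/securecookie returns nil when the random source fails and treats a nil block key as "no encryption", so a failed call would silently leave session cookies signed but unencrypted. A small helper that stops at start-up makes that case loud, and the `[]byte(...)` conversion can go because the function already returns `[]byte`. The doc comment above the renamed function still opens with `CheckLogin`; it should read `// Login attempts to request a SQL record with the given username.`. Login's body continues past the end of the hunk, so whether it now saves the session itself (the middleware hunk drops `session.Save`) cannot be confirmed from here.

```go
// mustRandomKey returns n bytes from securecookie's random source and
// panics if none could be generated, so the store never starts with a
// missing signing or encryption key.
func mustRandomKey(n int) []byte {
	key := securecookie.GenerateRandomKey(n)
	if key == nil {
		panic("auth: could not generate session key")
	}
	return key
}

var Store = sessions.NewCookieStore(
	mustRandomKey(64), // signing key
	mustRandomKey(32), // encryption key (AES-256)
)
// … unchanged: doc comment and Login body …
```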