Renamed CheckLogin to Login

Changed encryption cookie to be 32 bytes (64 bytes not supported)

auth/auth.go

@@ -20,13 +20,12 @@ func init() {
 
 var Store = sessions.NewCookieStore(
 	[]byte(securecookie.GenerateRandomKey(64)), //Signing key
-	[]byte(securecookie.GenerateRandomKey(64)), //Encryption key
-)
+	[]byte(securecookie.GenerateRandomKey(32)))
 
 // CheckLogin attempts to request a SQL record with the given username.
 // If successful, it then compares the received bcrypt hash.
 // If all checks pass, this function sets the session id for later use.
-func CheckLogin(r *http.Request) (bool, error) {
+func Login(r *http.Request) (bool, error) {
 	username, password := r.FormValue("username"), r.FormValue("password")
 	session, _ := Store.Get(r, "gophish")
 	stmt, err := db.Conn.Prepare("SELECT * FROM Users WHERE username=?")

controllers/route.go

@@ -123,7 +123,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
 		if err := r.ParseForm(); err != nil {
 			http.Error(w, "Error parsing request", http.StatusInternalServerError)
 		}
-		succ, err := auth.CheckLogin(r)
+		succ, err := auth.Login(r)
 		if err != nil {
 			http.Error(w, "Error logging in", http.StatusInternalServerError)
 		}

middleware/middleware.go

@@ -27,8 +27,6 @@ func GetContext(handler http.Handler) http.HandlerFunc {
 			ctx.Set(r, "user", nil)
 		}
 		handler.ServeHTTP(w, r)
-		// Save the session
-		session.Save(r, w)
 		// Remove context contents
 		ctx.Clear(r)
 	}