Enha: use of sql sessions

handlers/auth.go

@@ -1,6 +1,7 @@
 package handlers
 
 import (
+	"context"
 	"crypto/hmac"
 	"crypto/sha256"
 	"encoding/base64"
@@ -12,6 +13,7 @@ import (
 	"html/template"
 	"net/http"
 	"strings"
+	"time"
 )
 
 func abortWithError(w http.ResponseWriter, msg string) {
@@ -144,9 +146,10 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 	// expiresAt := time.Now().Add(time.Duration(cfg.SessionLifetime) * time.Second)
 	// Set the token in the session map, along with the session information
 	session := &models.Session{
-		Username:    username,
-		CookieToken: sessionToken,
-		Lifetime:    uint32(cfg.SessionLifetime / 60),
+		Username:  username,
+		TokenKey:  sessionToken,
+		UpdatedAt: time.Now(),
+		Lifetime:  uint32(cfg.SessionLifetime / 60),
 	}
 	cookieName := "session_token"
 	// hmac to protect cookies
@@ -173,6 +176,9 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 		log.Info("changing cookie domain", "domain", cookie.Domain)
 	}
 	// set ctx?
+	if err := repo.SessionCreate(context.Background(), session); err != nil {
+		return nil, err
+	}
 	// set user in session
 	if err := cacheSetSession(sessionToken, session); err != nil {
 		return nil, err