login

server/auth.go

@@ -2,6 +2,8 @@ package server
 
 import (
 	"net/http"
+	"crypto/subtle"
+	"time"
 )
 
 
@@ -18,5 +20,11 @@ func userIsAuthenticated(req *http.Request, username, password string) bool {
 }
 
 func userAuthenticate(rw http.ResponseWriter, username, password string) {
-
+	expires := time.Now().Add(time.Hour * 24 * 7)  // 1 week
+	cookie := http.Cookie{Name: "auth", Value: username, Expires: expires}
+	http.SetCookie(rw, &cookie)
+}
+
+func safeCompare(p1, p2 string) bool {
+	return subtle.ConstantTimeCompare([]byte(p1), []byte(p2)) == 1
 }