hlfw.ca

webbing

Download patch

ref: f6eaa7ddf43b0812b248bad0fa3962403abe5ad1
parent: 87f250a3c8b6f331d621cda0aa5a2928859058cf
author: Michael Misch <michaelmisch1985@gmail.com>
date: Wed Nov 27 13:23:42 PST 2019 

Start using TODO


--- /dev/null
+++ b/TODO
@@ -1,0 +1,56 @@
+# provider.html
+[ ] provider.tpl change link from TODO.html
+
+# legal.html (nemo)
+[ ] Consult with lawyer
+[ ] Create legal.html
+[ ] convert html to templates/legal.tpl + pages/legal.go
+
+# privacy.html (nemo) - privacy policy
+[ ] Consult with lawyer
+[ ] Create privacy.html
+[ ] Convert html to templates/privacy.tpl + pages/privacy.go
+
+# help/provider.html (nemo)
+[ ] Create help/provider.html
+[ ] Convert html to templates/help/provider.html and pages/help/provider.go
+
+# messages.html
+[ ] URL encoded token to link
+[ ] Validate user login corellates to token IDs
+
+# patient/symptoms.html
+[ ] URL encoded token to link
+[ ] Validate user login and forward secrecy based on user IDs
+[ ] Send URL encoded link via email and wait for authorized login to pages
+
+# login.html
+[ ] Redirect to login page for any gated page and stash redirect link in our map
+[ ] Redirect on successful auth to page 
+
+# doctor/bookings.html
+[ ] URL encoded token to link based on specific booking in question
+
+# doctor/profile.html
+[ ] Link to messages
+[ ] unread messages shown
+[ ] List of bookings
+
+# patient/appointments.html
+[ ] URL encoded token to link based on specific appointment
+
+# patient/profile.html
+[ ] Link to messages
+[ ] Unread messages shown
+[ ] List of appointments upcoming
+
+# patient/offer 
+[ ] URL encododed token linking to specific doctor
+
+# patient/search
+[ ] List of doctors matching query
+
+# footer template
+[ ] Call toll free - update number
+[ ] Email - update Email
+[ ] Link from "Become A Partner" link to doctor/application.html
--- a/design/sessions
+++ /dev/null
@@ -1,4 +1,0 @@
-The session management is pulled right out of astaxie's web design book.
-A client connects to the site, and is issued a token. The token is tied into session cookies, and is used to validate login status, tying the token to a username. The username itself is then queried against the database for any additional information
-
-There's not much that happens here as of yet, but eventually the design will generate tokens for each page the user visits, and generate tokens that are seperate and linked to a form on a given page. This allows us to do two things: Stop multiple form submissions, which can happen just from slow internet or user confusion, as well as remove the chance for nefarious people to hijack a client access cookie to do anything that would cause damage to the client
\ No newline at end of file
--- a/session/data.go
+++ b/session/data.go
@@ -2,6 +2,7 @@
 
 import (
 	"container/list"
+	"log"
 	"sync"
 	"time"
 )
@@ -87,6 +88,7 @@
 
 // GC - Clean up all expired sessions
 func (pder *Default) GC(maxlifetime int64) {
+	log.Println("Starting GC sweep")
 	pder.lock.Lock()
 	defer pder.lock.Unlock()
 	for {
--- a/session/manager.go
+++ b/session/manager.go
@@ -110,9 +110,7 @@
 	manager.lock.Lock()
 	defer manager.lock.Unlock()
 	manager.provider.GC(manager.maxlifetime)
-	time.AfterFunc(10*time.Second, func() {
-		manager.GC()
-	})
+	time.AfterFunc(30*time.Second, func() { manager.GC() })
 }
 
 func (manager *Manager) sessionID() string {