Better (general) auth implementation

Question

Currently I have a method in my BaseController and in each controller method that I need the user to be authenticated I am left with always calling this piece of code:

user, err := c.getUser()
if err != nil {
        return c.Redirect(UserController.Login)
}

Which just checks if

revel.InterceptMethod((*UserController).CheckUser, revel.BEFORE)

(in the init.go) has added a valid user to .RenderArgs["user"].

Is there anyway I can put this redirect to the login page incl. the auth check into an filter / intercept method, so I don't have to repeat the above code 10 times? (I developed this code around revel v0.9~0.10)

One solution I came up with would be writting a module/app similiar to the new csrf module.

EDIT 4.11.2015: This Question was posted sometime ago, please check back the official Revel documentation as revel has undergone quite some development

Answer 1

Just don't let the requests to your controllers unless if authentication has properly been done. You need to implement a Filter for that. It means something like

init.go:

revel.Filters = []revel.Filter{
    SessionFilter, // Preferably a safe implementation that isn't plaintext cookies etc
    mypackage.Authenticator
}

mypackage.go:

package mypackage

func Authenticator(c *revel.Controller, fc []revel.Filter) {
 // If authentication found (from session), pass to next Filter in stack
 // If not, redirect to your authentication UI, and pass
 // Or handle other parts of authentication requests...
 // If authentication succeeded, save it to session

 // Otherwise just drop the request (probably log?)
}

The specifics depend entirely on what kind of authentication you are setting up. Here is one SSO implementation for your reference.