9 files changed, 109 insertions, 15 deletions

diff --git a/api/channel.go b/api/channel.go
index 896e22793..28642ff67 100644
--- a/api/channel.go
+++ b/api/channel.go
@@ -282,7 +282,7 @@ func getChannels(c *Context, w http.ResponseWriter, r *http.Request) {
 			// lets make sure the user is valid
 			if result := <-Srv.Store.User().Get(c.Session.UserId); result.Err != nil {
 				c.Err = result.Err
-				c.RemoveSessionCookie(w)
+				c.RemoveSessionCookie(w, r)
 				l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId)
 				return
 			}
diff --git a/api/context.go b/api/context.go
index 02c3dc902..e80582b2a 100644
--- a/api/context.go
+++ b/api/context.go
@@ -137,7 +137,7 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 
 		if session == nil || session.IsExpired() {
-			c.RemoveSessionCookie(w)
+			c.RemoveSessionCookie(w, r)
 			c.Err = model.NewAppError("ServeHTTP", "Invalid or expired session, please login again.", "token="+token)
 			c.Err.StatusCode = http.StatusUnauthorized
 		} else if !session.IsOAuth && isTokenFromQueryString {
@@ -303,7 +303,6 @@ func (c *Context) HasSystemAdminPermissions(where string) bool {
 }
 
 func (c *Context) IsSystemAdmin() bool {
-	// TODO XXX FIXME && IsPrivateIpAddress(c.IpAddress)
 	if model.IsInRole(c.Session.Roles, model.ROLE_SYSTEM_ADMIN) {
 		return true
 	}
@@ -317,7 +316,7 @@ func (c *Context) IsTeamAdmin() bool {
 	return false
 }
 
-func (c *Context) RemoveSessionCookie(w http.ResponseWriter) {
+func (c *Context) RemoveSessionCookie(w http.ResponseWriter, r *http.Request) {
 
 	sessionCache.Remove(c.Session.Token)
 
@@ -330,6 +329,21 @@ func (c *Context) RemoveSessionCookie(w http.ResponseWriter) {
 	}
 
 	http.SetCookie(w, cookie)
+
+	multiToken := ""
+	if oldMultiCookie, err := r.Cookie(model.MULTI_SESSION_TOKEN); err == nil {
+		multiToken = oldMultiCookie.Value
+	}
+
+	multiCookie := &http.Cookie{
+		Name:     model.MULTI_SESSION_TOKEN,
+		Value:    strings.TrimSpace(strings.Replace(multiToken, c.Session.Token, "", -1)),
+		Path:     "/",
+		MaxAge:   model.SESSION_TIME_WEB_IN_SECS,
+		HttpOnly: true,
+	}
+
+	http.SetCookie(w, multiCookie)
 }
 
 func (c *Context) SetInvalidParam(where string, name string) {
@@ -346,7 +360,7 @@ func (c *Context) setTeamURL(url string, valid bool) {
 	c.teamURLValid = valid
 }
 
-func (c *Context) setTeamURLFromSession() {
+func (c *Context) SetTeamURLFromSession() {
 	if result := <-Srv.Store.Team().Get(c.Session.TeamId); result.Err == nil {
 		c.setTeamURL(c.GetSiteURL()+"/"+result.Data.(*model.Team).Name, true)
 	}
@@ -362,7 +376,7 @@ func (c *Context) GetTeamURLFromTeam(team *model.Team) string {
 
 func (c *Context) GetTeamURL() string {
 	if !c.teamURLValid {
-		c.setTeamURLFromSession()
+		c.SetTeamURLFromSession()
 		if !c.teamURLValid {
 			l4g.Debug("TeamURL accessed when not valid. Team URL should not be used in api functions or those that are team independent")
 		}
diff --git a/api/user.go b/api/user.go
index ed3576a30..2d7dd9ab1 100644
--- a/api/user.go
+++ b/api/user.go
@@ -394,6 +394,41 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 
 	http.SetCookie(w, sessionCookie)
 
+	multiToken := ""
+	if originalMultiSessionCookie, err := r.Cookie(model.MULTI_SESSION_TOKEN); err == nil {
+		multiToken = originalMultiSessionCookie.Value
+	}
+
+	// Attempt to clean all the old tokens or duplicate tokens
+	if len(multiToken) > 0 {
+		tokens := strings.Split(multiToken, " ")
+
+		multiToken = ""
+		seen := make(map[string]string)
+		seen[session.TeamId] = session.TeamId
+		for _, token := range tokens {
+			if sr := <-Srv.Store.Session().Get(token); sr.Err == nil {
+				s := sr.Data.(*model.Session)
+				if !s.IsExpired() && seen[s.TeamId] == "" {
+					multiToken += " " + token
+					seen[s.TeamId] = s.TeamId
+				}
+			}
+		}
+	}
+
+	multiToken = strings.TrimSpace(session.Token + " " + multiToken)
+
+	multiSessionCookie := &http.Cookie{
+		Name:     model.MULTI_SESSION_TOKEN,
+		Value:    multiToken,
+		Path:     "/",
+		MaxAge:   maxAge,
+		HttpOnly: true,
+	}
+
+	http.SetCookie(w, multiSessionCookie)
+
 	c.Session = *session
 	c.LogAuditWithUserId(user.Id, "success")
 }
@@ -514,7 +549,7 @@ func logout(c *Context, w http.ResponseWriter, r *http.Request) {
 
 func Logout(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.LogAudit("")
-	c.RemoveSessionCookie(w)
+	c.RemoveSessionCookie(w, r)
 	if result := <-Srv.Store.Session().Remove(c.Session.Id); result.Err != nil {
 		c.Err = result.Err
 		return
@@ -529,7 +564,7 @@ func getMe(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	if result := <-Srv.Store.User().Get(c.Session.UserId); result.Err != nil {
 		c.Err = result.Err
-		c.RemoveSessionCookie(w)
+		c.RemoveSessionCookie(w, r)
 		l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId)
 		return
 	} else if HandleEtag(result.Data.(*model.User).Etag(), w, r) {
diff --git a/model/session.go b/model/session.go
index 3c7c75eb4..bb4d987a7 100644
--- a/model/session.go
+++ b/model/session.go
@@ -10,6 +10,7 @@ import (
 
 const (
 	SESSION_TOKEN               = "MMSID"
+	MULTI_SESSION_TOKEN         = "MMSIDMU"
 	SESSION_TIME_WEB_IN_DAYS    = 30
 	SESSION_TIME_WEB_IN_SECS    = 60 * 60 * 24 * SESSION_TIME_WEB_IN_DAYS
 	SESSION_TIME_MOBILE_IN_DAYS = 30
diff --git a/web/react/components/navbar_dropdown.jsx b/web/react/components/navbar_dropdown.jsx
index 57a78a0d4..dc5983f1e 100644
--- a/web/react/components/navbar_dropdown.jsx
+++ b/web/react/components/navbar_dropdown.jsx
@@ -142,10 +142,10 @@ export default class NavbarDropdown extends React.Component {
             >
             </li>
         );
-        if (this.state.teams.length > 1 && this.state.currentTeam) {
-            var curTeamName = this.state.currentTeam.name;
+
+        if (this.state.teams.length > 1) {
             this.state.teams.forEach((teamName) => {
-                if (teamName !== curTeamName) {
+                if (teamName !== this.props.teamName) {
                     teams.push(<li key={teamName}><a href={Utils.getWindowLocationOrigin() + '/' + teamName}>{'Switch to ' + teamName}</a></li>);
                 }
             });
@@ -234,5 +234,7 @@ NavbarDropdown.defaultProps = {
     teamType: ''
 };
 NavbarDropdown.propTypes = {
-    teamType: React.PropTypes.string
+    teamType: React.PropTypes.string,
+    teamDisplayName: React.PropTypes.string,
+    teamName: React.PropTypes.string
 };
diff --git a/web/react/components/sidebar.jsx b/web/react/components/sidebar.jsx
index 6033f200f..dfaa4c794 100644
--- a/web/react/components/sidebar.jsx
+++ b/web/react/components/sidebar.jsx
@@ -508,6 +508,7 @@ export default class Sidebar extends React.Component {
                 />
                 <SidebarHeader
                     teamDisplayName={this.props.teamDisplayName}
+                    teamName={this.props.teamName}
                     teamType={this.props.teamType}
                 />
                 <SearchBox />
@@ -587,5 +588,6 @@ Sidebar.defaultProps = {
 };
 Sidebar.propTypes = {
     teamType: React.PropTypes.string,
-    teamDisplayName: React.PropTypes.string
+    teamDisplayName: React.PropTypes.string,
+    teamName: React.PropTypes.string
 };
diff --git a/web/react/components/sidebar_header.jsx b/web/react/components/sidebar_header.jsx
index 072c14e0a..33de35064 100644
--- a/web/react/components/sidebar_header.jsx
+++ b/web/react/components/sidebar_header.jsx
@@ -52,6 +52,8 @@ export default class SidebarHeader extends React.Component {
                 <NavbarDropdown
                     ref='dropdown'
                     teamType={this.props.teamType}
+                    teamDisplayName={this.props.teamDisplayName}
+                    teamName={this.props.teamName}
                 />
             </div>
         );
@@ -64,5 +66,6 @@ SidebarHeader.defaultProps = {
 };
 SidebarHeader.propTypes = {
     teamDisplayName: React.PropTypes.string,
+    teamName: React.PropTypes.string,
     teamType: React.PropTypes.string
 };
diff --git a/web/react/pages/channel.jsx b/web/react/pages/channel.jsx
index 74259194a..c333fd57d 100644
--- a/web/react/pages/channel.jsx
+++ b/web/react/pages/channel.jsx
@@ -36,11 +36,14 @@ var RemovedFromChannelModal = require('../components/removed_from_channel_modal.
 var FileUploadOverlay = require('../components/file_upload_overlay.jsx');
 var RegisterAppModal = require('../components/register_app_modal.jsx');
 var ImportThemeModal = require('../components/user_settings/import_theme_modal.jsx');
+var TeamStore = require('../stores/team_store.jsx');
 
 var Constants = require('../utils/constants.jsx');
 var ActionTypes = Constants.ActionTypes;
 
 function setupChannelPage(props) {
+    TeamStore.setCurrentId(props.TeamId);
+
     AppDispatcher.handleViewAction({
         type: ActionTypes.CLICK_CHANNEL,
         name: props.ChannelName,
@@ -71,6 +74,7 @@ function setupChannelPage(props) {
     React.render(
         <Sidebar
             teamDisplayName={props.TeamDisplayName}
+            teamName={props.TeamName}
             teamType={props.TeamType}
         />,
         document.getElementById('sidebar-left')
diff --git a/web/web.go b/web/web.go
index bf985a5a0..83b59ead4 100644
--- a/web/web.go
+++ b/web/web.go
@@ -189,9 +189,40 @@ func login(c *api.Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// We still might be able to switch to this team because we've logged in before
+	if multiCookie, err := r.Cookie(model.MULTI_SESSION_TOKEN); err == nil {
+		multiToken := multiCookie.Value
+
+		if len(multiToken) > 0 {
+			tokens := strings.Split(multiToken, " ")
+
+			for _, token := range tokens {
+				if sr := <-api.Srv.Store.Session().Get(token); sr.Err == nil {
+					s := sr.Data.(*model.Session)
+
+					if !s.IsExpired() && s.TeamId == team.Id {
+						w.Header().Set(model.HEADER_TOKEN, s.Token)
+						sessionCookie := &http.Cookie{
+							Name:     model.SESSION_TOKEN,
+							Value:    s.Token,
+							Path:     "/",
+							MaxAge:   model.SESSION_TIME_WEB_IN_SECS,
+							HttpOnly: true,
+						}
+
+						http.SetCookie(w, sessionCookie)
+
+						http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/channels/town-square", http.StatusTemporaryRedirect)
+						return
+					}
+				}
+			}
+		}
+	}
+
 	page := NewHtmlTemplatePage("login", "Login")
 	page.Props["TeamDisplayName"] = team.DisplayName
-	page.Props["TeamName"] = teamName
+	page.Props["TeamName"] = team.Name
 	page.Render(c, w)
 }
 
@@ -319,7 +350,7 @@ func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) {
 			// lets make sure the user is valid
 			if result := <-api.Srv.Store.User().Get(c.Session.UserId); result.Err != nil {
 				c.Err = result.Err
-				c.RemoveSessionCookie(w)
+				c.RemoveSessionCookie(w, r)
 				l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId)
 				return
 			}
@@ -344,6 +375,7 @@ func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) {
 	page := NewHtmlTemplatePage("channel", "")
 	page.Props["Title"] = name + " - " + team.DisplayName + " " + page.ClientProps["SiteName"]
 	page.Props["TeamDisplayName"] = team.DisplayName
+	page.Props["TeamName"] = team.Name
 	page.Props["TeamType"] = team.Type
 	page.Props["TeamId"] = team.Id
 	page.Props["ChannelName"] = name
@@ -451,6 +483,7 @@ func resetPassword(c *api.Context, w http.ResponseWriter, r *http.Request) {
 	page := NewHtmlTemplatePage("password_reset", "")
 	page.Props["Title"] = "Reset Password " + page.ClientProps["SiteName"]
 	page.Props["TeamDisplayName"] = teamDisplayName
+	page.Props["TeamName"] = teamName
 	page.Props["Hash"] = hash
 	page.Props["Data"] = data
 	page.Props["TeamName"] = teamName