session

Documentation

Index

• Variables
• type EncryptedVerifier
  • func NewEncryptedVerifier(secret string) EncryptedVerifier
  • func (v EncryptedVerifier) Decode(data string) ([]byte, error)
  • func (v EncryptedVerifier) Encode(data []byte) (string, error)
• type PlainVerifier
  • func NewVerifier(secret string) PlainVerifier
  • func (v PlainVerifier) Decode(message string) ([]byte, error)
  • func (v PlainVerifier) Encode(data []byte) (string, error)
• type Store
  • func New[T any](name string, verifier Verifier) *Store[T]
  • func (s *Store[T]) Changed() bool
  • func (s *Store[T]) Cookie() (*http.Cookie, error)
  • func (s *Store[T]) FromCookie(cookie *http.Cookie) error
  • func (s *Store[T]) FromRequest(r *http.Request) error
  • func (s *Store[T]) Write(w http.ResponseWriter) error
  • func (s *Store[T]) WriteIfChanged(w http.ResponseWriter) error
• type Verifier

Variables

var Base64Encoding = base64.RawStdEncoding

Types

type EncryptedVerifier

type EncryptedVerifier struct {
	// contains filtered or unexported fields
}

EncryptedVerifier is a Verifier that uses AES-GCM to encrypt and decrypt messages.

func NewEncryptedVerifier

func NewEncryptedVerifier(secret string) EncryptedVerifier

NewEncryptedVerifier creates a new EncryptedVerifier with the given secret. The provided secret must be 16, 24, or 32 bytes long to use AES-128, AES-192, or AES-256 respectively.

func (EncryptedVerifier) Decode

func (v EncryptedVerifier) Decode(data string) ([]byte, error)

Decode decrypts the given message using AES-GCM and returns the decoded data.

func (EncryptedVerifier) Encode

func (v EncryptedVerifier) Encode(data []byte) (string, error)

Encode encrypts the given data using AES-GCM and returns the encoded message.

type PlainVerifier

type PlainVerifier struct {
	// contains filtered or unexported fields
}

Generates and verifies messages to prevent tampering. Useful for session cookies and magic links.

func NewVerifier

func NewVerifier(secret string) PlainVerifier

Returns a new Verifier that uses the provided secret to sign and verify messages.

func (PlainVerifier) Decode

func (v PlainVerifier) Decode(message string) ([]byte, error)

Accepts a signed message and returns the original data if the message is valid.

func (PlainVerifier) Encode

func (v PlainVerifier) Encode(data []byte) (string, error)

Accepts data as a byte array and returns a signed message.

type Store

type Store[T any] struct {
	Data T
	// contains filtered or unexported fields
}

Store is a wrapper around a http.Cookie that provides signed messages, allowing you to securely store data in a cookie.

The data stored is still readable by the client, so secrets and sensitive data should not be stored in Store.Data.

func New

func New[T any](name string, verifier Verifier) *Store[T]

New creates a new Store with the given name and verifies Data using the passed in Verifier.

func (*Store[T]) Changed

func (s *Store[T]) Changed() bool

func (*Store[T]) Cookie

func (s *Store[T]) Cookie() (*http.Cookie, error)

Cookie returns the underlying http.Cookie that is used to store the session.

func (*Store[T]) FromCookie

func (s *Store[T]) FromCookie(cookie *http.Cookie) error

FromCookie attempts to decode the data from the passed in Cookie and verifies the data hasn't been tampered with.

func (*Store[T]) FromRequest

func (s *Store[T]) FromRequest(r *http.Request) error

FromRequest reads the cookie with the provided name from the Request. The data is then decoded and verified using the Verifier.

func (*Store[T]) Write

func (s *Store[T]) Write(w http.ResponseWriter) error

Write encodes the Data into a JSON object, signs it using the message verifier, then writes it to the passed in http.ResponseWriter using the name provided by New.

func (*Store[T]) WriteIfChanged

func (s *Store[T]) WriteIfChanged(w http.ResponseWriter) error

Writes the session to the response writer only if the underlying data has changed.

type Verifier

type Verifier interface {
	Encode([]byte) (string, error)
	Decode(string) ([]byte, error)
}