sessions

package
v6.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 6, 2021 License: MIT, MIT Imports: 11 Imported by: 0

Documentation

Overview

Package sessions as originally written by me at https://github.com/kataras/go-sessions Based on kataras/go-sessions v1.0.1.

Edited for Iris v6 (or iris vNext) and removed all fasthttp things in order to reduce the compiled and go getable size. The 'file' and 'leveldb' databases are missing because they written by community, not me, you can still adapt any database with .UseDatabase because it expects an interface,

find more databases here: https://github.com/kataras/go-sessions/tree/master/sessiondb

Index

Constants

View Source
const (
	// DefaultCookieName the secret cookie's name for sessions
	DefaultCookieName = "irissessionid"
	// DefaultCookieLength is the default Session Manager's CookieLength, which is 32
	DefaultCookieLength = 32
)

Variables

View Source
var (
	// CookieExpireDelete may be set on Cookie.Expire for expiring the given cookie.
	CookieExpireDelete = time.Date(2009, time.November, 10, 23, 0, 0, 0, time.UTC)

	// CookieExpireUnlimited indicates that the cookie doesn't expire.
	CookieExpireUnlimited = time.Now().AddDate(24, 10, 10)
)
View Source
var SessionIDGenerator = func(strLength int) string {
	return base64.URLEncoding.EncodeToString(random(strLength))
}

SessionIDGenerator returns a random string, used to set the session id you are able to override this to use your own method for generate session ids.

Functions

func AddCookie

func AddCookie(cookie *http.Cookie, res http.ResponseWriter)

AddCookie adds a cookie

func Deserialize

func Deserialize(str string, m interface{}) error

Deserialize accepts an encoded string and a data struct which will be filled with the desierialized string using gob decoder

func GetCookie

func GetCookie(name string, req *http.Request) string

GetCookie returns cookie's value by it's name returns empty string if nothing was found

func IsValidCookieDomain

func IsValidCookieDomain(domain string) bool

IsValidCookieDomain returns true if the receiver is a valid domain to set valid means that is recognised as 'domain' by the browser, so it(the cookie) can be shared with subdomains also

func RemoveCookie

func RemoveCookie(name string, res http.ResponseWriter, req *http.Request)

RemoveCookie deletes a cookie by it's name/key

func Serialize

func Serialize(m interface{}) (string, error)

Serialize serialize any type to gob bytes and after returns its the base64 encoded string

Types

type Config

type Config struct {
	// Cookie string, the session's client cookie name, for example: "mysessionid"
	//
	// Defaults to "irissessionid"
	Cookie string

	// Encode the cookie value if not nil.
	// Should accept as first argument the cookie name (config.Name)
	//         as second argument the server's generated session id.
	// Should return the new session id, if error the session id setted to empty which is invalid.
	//
	// Note: Errors are not printed, so you have to know what you're doing,
	// and remember: if you use AES it only supports key sizes of 16, 24 or 32 bytes.
	// You either need to provide exactly that amount or you derive the key from what you type in.
	//
	// Defaults to nil
	Encode func(cookieName string, value interface{}) (string, error)
	// Decode the cookie value if not nil.
	// Should accept as first argument the cookie name (config.Name)
	//               as second second accepts the client's cookie value (the encoded session id).
	// Should return an error if decode operation failed.
	//
	// Note: Errors are not printed, so you have to know what you're doing,
	// and remember: if you use AES it only supports key sizes of 16, 24 or 32 bytes.
	// You either need to provide exactly that amount or you derive the key from what you type in.
	//
	// Defaults to nil
	Decode func(cookieName string, cookieValue string, v interface{}) error

	// Expires the duration of which the cookie must expires (created_time.Add(Expires)).
	// If you want to delete the cookie when the browser closes, set it to -1.
	//
	// 0 means no expire, (24 years)
	// -1 means when browser closes
	// > 0 is the time.Duration which the session cookies should expire.
	//
	// Defaults to infinitive/unlimited life duration(0)
	Expires time.Duration

	// CookieLength the length of the sessionid's cookie's value, let it to 0 if you don't want to change it
	//
	// Defaults to 32
	CookieLength int

	// DisableSubdomainPersistence set it to true in order dissallow your q subdomains to have access to the session cookie
	//
	// Defaults to false
	DisableSubdomainPersistence bool
}

Config is the configuration for sessions has 5 fields first is the cookieName, the session's name (string) ["mysessionsecretcookieid"] second enable if you want to decode the cookie's key also third is the time which the client's cookie expires forth is the cookie length (sessionid) int, defaults to 32, do not change if you don't have any reason to do fifth is the DisableSubdomainPersistence which you can set it to true in order dissallow your q subdomains to have access to the session cook

func (Config) Validate

func (c Config) Validate() Config

Validate corrects missing fields configuration fields and returns the right configuration

type Database

type Database interface {
	Load(string) map[string]interface{}
	Update(string, map[string]interface{})
}

Database is the interface which all session databases should implement By design it doesn't support any type of cookie session like other frameworks, I want to protect you, believe me, no context access (although we could) The scope of the database is to session somewhere the sessions in order to

keep them after restarting the server, nothing more.

the values are sessiond by the underline session, the check for new sessions, or 'this session value should added' are made automatically by q, you are able just to set the values to your backend database with Load function. session database doesn't have any write or read access to the session, the loading of the initial data is done by the Load(string) map[string]interfface{} function synchronization are made automatically, you can register more than one session database but the first non-empty Load return data will be used as the session values.

type Sessions

type Sessions interface {
	// Adapt is used to adapt this sessions manager as an iris.SessionsPolicy
	// to an Iris station.
	// It's being used by the framework, developers should not actually call this function.
	Adapt(*iris.Policies)

	// UseDatabase ,optionally, adds a session database to the manager's provider,
	// a session db doesn't have write access
	// see https://github.com/kataras/go-sessions/tree/master/sessiondb for its usage.
	UseDatabase(Database)

	// Start starts the session for the particular net/http request
	Start(http.ResponseWriter, *http.Request) iris.Session

	// Destroy deletes all session data and remove the associated cookie.
	Destroy(http.ResponseWriter, *http.Request)

	// DestroyByID removes the session entry
	// from the server-side memory (and database if registered).
	// Client's session cookie will still exist but it will be reseted on the next request.
	//
	// It's safe to use it even if you are not sure if a session with that id exists.
	//
	// Note: the sid should be the original one (i.e: fetched by a store )
	// it's not decoded.
	DestroyByID(string)
	// DestroyAll removes all sessions
	// from the server-side memory (and database if registered).
	// Client's session cookie will still exist but it will be reseted on the next request.
	DestroyAll()
}

Sessions is the start point of this package contains all the registered sessions and manages them

func New

func New(cfg Config) Sessions

New returns a new fast, feature-rich sessions manager it can be adapted to an Iris station

Directories

Path Synopsis
sessiondb

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL