Documentation
¶
Index ¶
- Variables
- type MemStore
- type RedisStore
- type SessionID
- func BeginSession(signingKey string, store Store, sessionState interface{}, ...) (SessionID, error)
- func EndSession(r *http.Request, signingKey string, store Store) (SessionID, error)
- func GetSessionID(r *http.Request, signingKey string) (SessionID, error)
- func GetState(r *http.Request, signingKey string, store Store, sessionState interface{}) (SessionID, error)
- func NewSessionID(signingKey string) (SessionID, error)
- func ValidateID(id string, signingKey string) (SessionID, error)
- type Store
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidID = errors.New("Invalid Session ID")
ErrInvalidID is returned when an invalid session id is passed to ValidateID()
var ErrInvalidScheme = errors.New("authorization scheme not supported")
ErrInvalidScheme is used when the authorization scheme is not supported
var ErrNoSessionID = errors.New("no session ID found in " + headerAuthorization + " header")
ErrNoSessionID is used when no session ID was found in the Authorization header
var ErrStateNotFound = errors.New("no session state was found in the session store")
ErrStateNotFound is returned from Store.Get() when the requested session id was not found in the store
Functions ¶
This section is empty.
Types ¶
type MemStore ¶
type MemStore struct {
// contains filtered or unexported fields
}
MemStore represents an in-process memory session store. This should be used only for testing and prototyping. Production systems should use a shared server store like redis
func NewMemStore ¶
NewMemStore constructs and returns a new MemStore
func (*MemStore) Delete ¶
Delete deletes all state data associated with the SessionID from the store.
func (*MemStore) Get ¶
Get populates `sessionState` with the data previously saved for the given SessionID
type RedisStore ¶
RedisStore represents a session.Store backed by redis
func NewRedisStore ¶
func NewRedisStore(client *redis.Client, sessionDuration time.Duration) *RedisStore
NewRedisStore constructs a new RedisStore
func (*RedisStore) Delete ¶
func (rs *RedisStore) Delete(sid SessionID) error
Delete deletes all state data associated with the SessionID from the store.
func (*RedisStore) Get ¶
func (rs *RedisStore) Get(sid SessionID, sessionState interface{}) error
Get populates `sessionState` with the data previously saved for the given SessionID
func (*RedisStore) Save ¶
func (rs *RedisStore) Save(sid SessionID, sessionState interface{}) error
Save saves the provided `sessionState` and associated SessionID to the store. The `sessionState` parameter is typically a pointer to a struct containing all the data you want to be associated with the given SessionID.
type SessionID ¶
type SessionID string
SessionID represents a valid, digitally-signed session ID. This is a base64 URL encoded string created from a byte slice where the first `idLength` bytes are crytographically random bytes representing the unique session ID, and the remaining bytes are an HMAC hash of those ID bytes (i.e., a digital signature). The byte slice layout is like so: +-----------------------------------------------------+ |...32 crypto random bytes...|HMAC hash of those bytes| +-----------------------------------------------------+
const InvalidSessionID SessionID = ""
InvalidSessionID represents an empty, invalid session ID
func BeginSession ¶
func BeginSession(signingKey string, store Store, sessionState interface{}, w http.ResponseWriter) (SessionID, error)
BeginSession creates a new SessionID, saves the `sessionState` to the store, adds an Authorization header to the response with the SessionID, and returns the new SessionID
func EndSession ¶
EndSession extracts the SessionID from the request, and deletes the associated data in the provided store, returning the extracted SessionID.
func GetSessionID ¶
GetSessionID extracts and validates the SessionID from the request headers
func GetState ¶
func GetState(r *http.Request, signingKey string, store Store, sessionState interface{}) (SessionID, error)
GetState extracts the SessionID from the request, gets the associated state from the provided store into the `sessionState` parameter, and returns the SessionID
func NewSessionID ¶
NewSessionID creates and returns a new digitally-signed session ID, using `signingKey` as the HMAC signing key. An error is returned only if there was an error generating random bytes for the session ID
func ValidateID ¶
ValidateID validates the string in the `id` parameter using the `signingKey` as the HMAC signing key and returns an error if invalid, or a SessionID if valid
type Store ¶
type Store interface {
// Save saves the provided `sessionState` and associated SessionID to the store.
// The `sessionState` parameter is typically a pointer to a struct containing
// all the data you want to associated with the given SessionID.
Save(sid SessionID, sessionState interface{}) error
// Get populates `sessionState` with the data previously saved
// for the given SessionID
Get(sid SessionID, sessionState interface{}) error
// Delete deletes all state data associated with the SessionID from the store.
Delete(sid SessionID) error
}
Store represents a session data store. This is an abstract interface that can be implemented against several different types of data stores. For example, session data could be stored in memory in a concurrent map, or more typically in a shared key/value server store like redis.
Source Files