README
¶
memstore
In-memory implementation of gorilla/sessions for use in tests and dev environments
This fork adds garbage collection.
How to install
go get github.com/ijkbytes/memstore
Documentation
Documentation, as usual, can be found at godoc.org.
The interface of gorilla/sessions is described at http://www.gorillatoolkit.org/pkg/sessions.
How to use
package main
import (
"fmt"
"github.com/ijkbytes/memstore"
"log"
"net/http"
"time"
)
func main() {
// Create a memory store, providing authentication and
// encryption key for securecookie
store := memstore.NewMemStore(
&memstore.GcOptions{ScanLimit: 2},
[]byte("authkey123"),
[]byte("enckey12341234567890123456789012"),
)
http.HandleFunc("/hello", func(w http.ResponseWriter, r *http.Request) {
// Get session by name.
session, err := store.Get(r, "session1")
if err != nil {
log.Printf("Error retrieving session: %v", err)
}
// The name should be 'foobar' if home page was visited before that and 'Guest' otherwise.
user, ok := session.Values["username"]
if !ok {
session.Options.MaxAge = -1
err = session.Save(r, w)
if err != nil {
log.Fatalf("Error saving session: %v", err)
}
user = "Guest"
}
fmt.Fprintf(w, "Hello %s", user)
})
http.HandleFunc("/login", func(w http.ResponseWriter, r *http.Request) {
// Get session by name.
session, err := store.Get(r, "session1")
if err != nil {
log.Printf("Error retrieving session: %v", err)
}
// Add values to the session object
session.Values["username"] = "foobar"
session.Values["email"] = "spam@eggs.com"
// after 30s, the server will delete the session
session.Values[memstore.ExpiredMember] = time.Now().Add(time.Second * 30)
// Save values
err = session.Save(r, w)
if err != nil {
log.Fatalf("Error saving session: %v", err)
}
})
log.Printf("listening on http://%s/", "127.0.0.1:9090")
log.Fatal(http.ListenAndServe(":9090", nil))
}
Documentation
¶
Index ¶
Constants ¶
const ExpiredMember = "ijkbytes/memstore$expired"
To be compatible with Save(), define ExpiredMember as a special key for session expiration in server end.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GcOptions ¶
type GcOptions struct {
ScanLimit uint
}
GcOptions control the sessions's garbage collection. ScanLimit determines the number of sessions will be scan in random order while GC. Note: GC executes every 30 seconds; Get() will check if the session has expired.
type MemStore ¶
type MemStore struct {
Codecs []securecookie.Codec
Options *sessions.Options
// contains filtered or unexported fields
}
MemStore is an in-memory implementation of gorilla/sessions, suitable for use in tests and development environments. Do not use in production. Values are cached in a map. The cache is protected and can be used by multiple goroutines.
func NewMemStore ¶
NewMemStore returns a new MemStore. gcOpts control the sessions's garbage collection, see struct definition for more detail.
Keys are defined in pairs to allow key rotation, but the common case is to set a single authentication key and optionally an encryption key.
The first key in a pair is used for authentication and the second for encryption. The encryption key can be set to nil or omitted in the last pair, but the authentication key is required in all pairs.
It is recommended to use an authentication key with 32 or 64 bytes. The encryption key, if set, must be either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 modes.
Use the convenience function securecookie.GenerateRandomKey() to create strong keys.
func (*MemStore) Get ¶
Get returns a session for the given name after adding it to the registry.
It returns a new session if the sessions doesn't exist (if the session has expired in server end, return a new too). Access IsNew on the session to check if it is an existing session or a new one.
It returns a new session and an error if the session exists but could not be decoded.
func (*MemStore) MaxAge ¶
MaxAge sets the maximum age for the store and the underlying cookie implementation. Individual sessions can be deleted by setting Options.MaxAge = -1 for that session.
func (*MemStore) New ¶
New returns a session for the given name without adding it to the registry. It will if the session has expired in server end.
The difference between New() and Get() is that calling New() twice will decode the session data twice, while Get() registers and reuses the same decoded session after the first call.
Source Files
Directories