README
¶
Easy to use sessions for use with the Go http package.
Documentation
¶
Overview ¶
Package session implements a simple session handler for use with the Go http package.
Index ¶
Constants ¶
const TimeStampFormat = "2006-01-02 15:04:05.000"
Variables ¶
var ErrNotFound = errors.New("no session found")
SessionStorage implementations should return ErrNotFound when Get() finds no associated session.
Functions ¶
This section is empty.
Types ¶
type BoltStore ¶
type BoltStore struct {
// contains filtered or unexported fields
}
BoltStore is a session storage using bolt.
func NewBoltStore ¶
NewBoltStore returns a BoltStore SessionStorage.
type MemoryStore ¶
type MemoryStore struct {
// contains filtered or unexported fields
}
MemoryStore is a session storage that operates entirely in memory suitable for testing and small scale uses.
func NewMemoryStore ¶
func NewMemoryStore(maxAge time.Duration) (*MemoryStore, error)
NewMemoryStore returns a MemoryStore SessionStorage.
func (*MemoryStore) Commit ¶
func (s *MemoryStore) Commit(ses *Session) error
Commit session back to storage.
func (*MemoryStore) Delete ¶
func (s *MemoryStore) Delete(ses *Session) error
Delete session from storage.
type MySQLStore ¶
type MySQLStore struct {
// contains filtered or unexported fields
}
MySQLStore is a session storage for a MySQL database.
func NewMySQLStore ¶
NewMySQLStore creates a MySQLStore SessionStorage using the given database and tablename. The table will be created if it does not exist.
func (*MySQLStore) Commit ¶
func (s *MySQLStore) Commit(ses *Session) error
Commit session back to storage.
func (*MySQLStore) Delete ¶
func (s *MySQLStore) Delete(ses *Session) error
Delete session from storage.
type Session ¶
type Session struct {
sync.RWMutex
// Available for external use at your own risk.
Values map[string]string
// contains filtered or unexported fields
}
Session may be used concurrently, but should only be used in conjunction with a single HTTP request.
func (*Session) ActionToken ¶
ActionToken will return a token which can be embedded into forms to prevent cross site request attacks.
func (*Session) CanAct ¶
CanAct checks the current action token against the token in the request. Expects a form value named "actionToken". Returns true if it's a real request.
func (*Session) Commit ¶
Commit the session back to storage. MUST be called at the end of each request.
func (*Session) Get ¶
Get returns the session variable associated with key or an empty string if not found.
func (*Session) NewActionToken ¶
NewActionToken resets the action token, should be used after each checked action is performed.
type SessionManager ¶
type SessionManager struct {
// Set true to require Secure cookies
Secure bool
sync.RWMutex
// contains filtered or unexported fields
}
SessionManager type, use NewSessionManager() to create.
func NewSessionManager ¶
func NewSessionManager(storage SessionStorage, cookieName string) (*SessionManager, error)
NewSessionManager will initialize the sessions system. Expects a previously created SessionStorage and the name of the http cookie to use.
Once created, SessionManager.Secure can be set to force secure cookies.
func (*SessionManager) Begin ¶
func (sm *SessionManager) Begin(w http.ResponseWriter, req *http.Request) (*Session, error)
Begin using a session. Returns a session, resuming an existing session if possible and creating a new session if necessary.
func (*SessionManager) Close ¶
func (sm *SessionManager) Close() error
Close the session manager, ending the gc loop and doing whatever cleanup the storage manager demands.
func (*SessionManager) SetGCDelay ¶
func (sm *SessionManager) SetGCDelay(delay time.Duration) error
SetGCDelay is used to configure time between purging expired sessions. Default is every hour.
type SessionStorage ¶
type SessionStorage interface {
/*
Return a session associated with sid. Only the Values map is expected
to exist. Return ErrNotFound if no associated session with sid is found.
*/
Get(sid string) (*Session, error)
/*
Commit a session back into storage
*/
Commit(session *Session) error
/*
Delete a session from storage. NOP if the session isn't in storage,
only returns an error if something goes seriously wrong.
*/
Delete(session *Session) error
/*
Will be called periodically(see SetGCDelay()) to clean up expired
sessions
*/
GC() error
/*
Close the session storage peforming whatever cleanup is necessary.
*/
Close() error
}
SessionStorage interface is used and required by SessionManager.
Sessions passed as parameters can be used concurrently. All methods except Close() must be able to function concurrently.
Source Files