sess

package
v0.0.88 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2024 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package sess provides an implementation of http sessions that is backed by tamper-proof & encrypted cookies. This package should ideally be used together with the ong github.com/komuw/ong/middleware middlewares.

Index

Examples

Constants

View Source 
const (

	// CookieName is the name of the http cookie under which sessions are stored.
	CookieName = "ong_sess"
)

Variables

This section is empty.

Functions

func Get 

func Get(r *http.Request, key string) string

Get retrieves the value corresponding to the given key from the current http session. It returns an empty string if key is not found in the session. r ought to be a request that was created by Initialise

func GetM 

func GetM(r *http.Request) map[string]string

GetM retrieves all the key-value pairs found from the current http session. It returns a zero-length map if none is found. r ought to be a request that was created by Initialise

func Initialise 

func Initialise(r *http.Request, secretKey, antiReplay string) *http.Request

Initialise returns a new http.Request (based on r) that has sessions properly setup. If antiReplay is a non-empty string, it is used to try and mitigate against [replay attacks]. This mitigation not foolproof.

You do not need to call this function, if you are also using the [ong middleware]. Those middleware do so automatically for you.

[replay attacks]: https://en.wikipedia.org/wiki/Replay_attack [ong middleware]: github.com/komuw/ong/middleware

func Save 

func Save(
	r *http.Request,
	w http.ResponseWriter,
	domain string,
	mAge time.Duration,
	secretKey string,
)

Save writes(to http cookies) any key-value pairs that have already been added to the current http session.

You do not need to call this function, if you are also using the ong github.com/komuw/ong/middleware middleware. Those middleware do so automatically for you.

func Set 

func Set(r *http.Request, key, value string)

Set adds the key-value pair to the current http session. r ought to be a request that was created by Initialise

func SetM 

func SetM(r *http.Request, m M)

SetM adds multiple key-value pairs to the current http session. r ought to be a request that was created by Initialise

Example 
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"os"

	"github.com/komuw/ong/config"
	"github.com/komuw/ong/log"
	"github.com/komuw/ong/middleware"
	"github.com/komuw/ong/sess"
)

func loginHandler() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		mySession := map[string]string{
			"name":           "John Doe",
			"favorite_color": "red",
			"height":         "5 feet 6 inches",
		}
		sess.SetM(r, mySession)

		fmt.Fprint(w, "welcome again.")
	}
}

func main() {
	l := log.New(context.Background(), os.Stdout, 100)
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodGet, "/login", nil)
	handler := middleware.Get(
		loginHandler(),
		config.WithOpts("example.com", 443, "super-h@rd-Pas1word", config.DirectIpStrategy, l),
	)
	handler.ServeHTTP(rec, req)

	res := rec.Result()
	defer res.Body.Close()

	if res.StatusCode != http.StatusOK {
		panic("unexcpected")
	}

	fmt.Println(res.Cookies()[0])
}

Output:

Types

type M 

type M = map[string]string

M is an alias of map[string]string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.