session

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 28, 2020 License: MIT Imports: 12 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type InMemoryRevocationStore

type InMemoryRevocationStore struct {
	// contains filtered or unexported fields
}

InMemoryRevocationStore keeps track of revoked tokens in memory and periodically flushes old tokens

func NewInMemoryRevocationStore

func NewInMemoryRevocationStore(flushInterval time.Duration) *InMemoryRevocationStore

NewInMemoryRevocationStore returns a new in memory revocation store which checks for expired tokens every flushInterval

func (*InMemoryRevocationStore) IsRevoked

func (s *InMemoryRevocationStore) IsRevoked(id string) bool

IsRevoked implements the interface method

func (*InMemoryRevocationStore) Revoke

func (s *InMemoryRevocationStore) Revoke(id string, trackFor time.Duration)

Revoke implements the interface method

func (*InMemoryRevocationStore) Start

func (s *InMemoryRevocationStore) Start()

Start the collection job

func (*InMemoryRevocationStore) Stop

func (s *InMemoryRevocationStore) Stop()

Stop the collection job

type KeyStore

type KeyStore interface {
	LoadPrivateKey(string) ([]byte, *rsa.PrivateKey, error)
	LoadPublicKey(string) ([]byte, error)
}

KeyStore interface for retrieving keys (used for encrypting session cookie)

type Module

type Module struct {
	Logger *logger.Module

	KeyStore        KeyStore
	RevocationStore RevocationStore

	SecureCookie            bool
	CookieDomain            string
	CookieName              string
	KeyFile                 string
	SessionValidityDuration time.Duration
	// contains filtered or unexported fields
}

Module session is for keeping track of sessions See: - NewSessionCookie - Verify - VerifyAndExtend - EndSession

func (*Module) Authenticate

func (m *Module) Authenticate(rw http.ResponseWriter, req *http.Request) (handled bool, userToken *string, err error)

Authenticate implements github.com/octavore/nagax/users.Authenticate todo: store session.ID in the context?

func (*Module) CreateScopedSession

func (m *Module) CreateScopedSession(userToken, domain string, rw http.ResponseWriter) error

CreateScopedSession update the response with a session cookie

func (*Module) CreateSession

func (m *Module) CreateSession(userToken string, rw http.ResponseWriter) error

CreateSession update the response with a session cookie

func (*Module) DestroySession

func (m *Module) DestroySession(rw http.ResponseWriter, req *http.Request)

DestroySession handles a logout request and attempts to erase the session cookie.

func (*Module) Init

func (m *Module) Init(c *service.Config)

Init implements module.Init

func (*Module) Logout

func (m *Module) Logout(rw http.ResponseWriter, req *http.Request)

Logout implements github.com/octavore/nagax/users.Logout note that there is no redirect

func (*Module) NewSessionCookie

func (m *Module) NewSessionCookie(u *UserSession) (*http.Cookie, error)

NewSessionCookie creates a new encrypted cookie for the given UserSession

func (*Module) Verify

func (m *Module) Verify(req *http.Request) (string, error)

Verify a request with a cookie

func (*Module) VerifyAndExtend

func (m *Module) VerifyAndExtend(rw http.ResponseWriter, req *http.Request) (string, error)

VerifyAndExtend authenticates a cookie based session and refreshes the validity period. Returns an error if there was a cookie but it was invalid

type RevocationStore

type RevocationStore interface {
	Revoke(id string, trackFor time.Duration)
	IsRevoked(id string) bool
}

RevocationStore is the interface for a store which keeps track of revoked sessions. By default it uses an in-memory store

type UserSession

type UserSession struct {
	ID        string `json:"user_id"`
	SessionID string `json:"session_id"`
}

UserSession data to be marshalled

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL