sessions

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2019 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrInvalidSession = errors.New("internal/sessions: invalid session")

ErrInvalidSession is an error for invalid sessions.

View Source 
var (
	// ErrLifetimeExpired is an error for the lifetime deadline expiring
	ErrLifetimeExpired = errors.New("user lifetime expired")
)

Functions

func ExtendDeadline 

func ExtendDeadline(ttl time.Duration) time.Time

ExtendDeadline returns the time extended by a given duration, truncated by second

func MarshalSession 

func MarshalSession(s *SessionState, c cryptutil.Cipher) (string, error)

MarshalSession marshals the session state as JSON, encrypts the JSON using the given cipher, and base64-encodes the result

Types

type CSRFStore 

type CSRFStore interface {
	SetCSRF(http.ResponseWriter, *http.Request, string)
	GetCSRF(*http.Request) (*http.Cookie, error)
	ClearCSRF(http.ResponseWriter, *http.Request)
}

CSRFStore has the functions for setting, getting, and clearing the CSRF cookie

type CookieStore 

type CookieStore struct {
	Name           string
	CSRFCookieName string
	CookieCipher   cryptutil.Cipher
	CookieExpire   time.Duration
	CookieRefresh  time.Duration
	CookieSecure   bool
	CookieHTTPOnly bool
	CookieDomain   string
}

CookieStore represents all the cookie related configurations

func NewCookieStore 

func NewCookieStore(opts *CookieStoreOptions) (*CookieStore, error)

NewCookieStore returns a new session with ciphers for each of the cookie secrets

func (*CookieStore) ClearCSRF 

func (s *CookieStore) ClearCSRF(w http.ResponseWriter, req *http.Request)

ClearCSRF clears the CSRF cookie from the request

func (*CookieStore) ClearSession 

func (s *CookieStore) ClearSession(w http.ResponseWriter, req *http.Request)

ClearSession clears the session cookie from a request

func (*CookieStore) GetCSRF 

func (s *CookieStore) GetCSRF(req *http.Request) (*http.Cookie, error)

GetCSRF gets the CSRFCookie creates a CSRF cookie in a given request

func (*CookieStore) LoadSession 

func (s *CookieStore) LoadSession(req *http.Request) (*SessionState, error)

LoadSession returns a SessionState from the cookie in the request.

func (*CookieStore) SaveSession 

func (s *CookieStore) SaveSession(w http.ResponseWriter, req *http.Request, sessionState *SessionState) error

SaveSession saves a session state to a request sessions.

func (*CookieStore) SetCSRF 

func (s *CookieStore) SetCSRF(w http.ResponseWriter, req *http.Request, val string)

SetCSRF sets the CSRFCookie creates a CSRF cookie in a given request

type CookieStoreOptions added in v0.0.2 

type CookieStoreOptions struct {
	Name           string
	CookieSecure   bool
	CookieHTTPOnly bool
	CookieDomain   string
	CookieExpire   time.Duration
	CookieCipher   cryptutil.Cipher
}

CookieStoreOptions holds options for CookieStore

type MockCSRFStore 

type MockCSRFStore struct {
	ResponseCSRF string
	Cookie       *http.Cookie
	GetError     error
}

MockCSRFStore is a mock implementation of the CSRF store interface

func (MockCSRFStore) ClearCSRF 

func (ms MockCSRFStore) ClearCSRF(http.ResponseWriter, *http.Request)

ClearCSRF clears the ResponseCSRF string

func (MockCSRFStore) GetCSRF 

func (ms MockCSRFStore) GetCSRF(*http.Request) (*http.Cookie, error)

GetCSRF returns the cookie and error

func (MockCSRFStore) SetCSRF 

func (ms MockCSRFStore) SetCSRF(rw http.ResponseWriter, req *http.Request, val string)

SetCSRF sets the ResponseCSRF string to a val

type MockSessionStore 

type MockSessionStore struct {
	ResponseSession string
	Session         *SessionState
	SaveError       error
	LoadError       error
}

MockSessionStore is a mock implementation of the SessionStore interface

func (*MockSessionStore) ClearSession 

func (ms *MockSessionStore) ClearSession(http.ResponseWriter, *http.Request)

ClearSession clears the ResponseSession

func (MockSessionStore) LoadSession 

func (ms MockSessionStore) LoadSession(*http.Request) (*SessionState, error)

LoadSession returns the session and a error

func (MockSessionStore) SaveSession 

func (ms MockSessionStore) SaveSession(http.ResponseWriter, *http.Request, *SessionState) error

SaveSession returns a save error.

type SessionState 

type SessionState struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	IDToken      string `json:"id_token"`

	RefreshDeadline  time.Time `json:"refresh_deadline"`
	LifetimeDeadline time.Time `json:"lifetime_deadline"`

	Email  string   `json:"email"`
	User   string   `json:"user"` // 'sub' in jwt
	Groups []string `json:"groups"`
}

SessionState is our object that keeps track of a user's session state

func UnmarshalSession 

func UnmarshalSession(value string, c cryptutil.Cipher) (*SessionState, error)

UnmarshalSession takes the marshaled string, base64-decodes into a byte slice, decrypts the byte slice using the passed cipher, and unmarshals the resulting JSON into a session state struct

func (*SessionState) LifetimePeriodExpired 

func (s *SessionState) LifetimePeriodExpired() bool

LifetimePeriodExpired returns true if the lifetime has expired

func (*SessionState) RefreshPeriodExpired 

func (s *SessionState) RefreshPeriodExpired() bool

RefreshPeriodExpired returns true if the refresh period has expired

type SessionStore 

type SessionStore interface {
	ClearSession(http.ResponseWriter, *http.Request)
	LoadSession(*http.Request) (*SessionState, error)
	SaveSession(http.ResponseWriter, *http.Request, *SessionState) error
}

SessionStore has the functions for setting, getting, and clearing the Session cookie

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.