gemma: auth/session.go annotate

annotate auth/session.go @ 149:83d798ea9f58

Rename token.go to session.go because its more fitting.

author	Sascha L. Teichmann <sascha.teichmann@intevation.de>
date	Mon, 02 Jul 2018 11:14:46 +0200
parents	auth/token.go@0c56c56a1c44
children	1585c334e8a7

rev	line source
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	1 package auth
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	2
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	3 import (
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	4 "crypto/rand"
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	5 "encoding/base64"
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	6 "io"
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	7 "time"
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	8 )
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	9
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	10 type Session struct {
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	11 ExpiresAt int64 `json:"expires"`
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	12 User string `json:"user"`
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	13 Password string `json:"password"`
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	14 Roles []string `json:"roles"`
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	15 }
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	16
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	17 const (
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	18 sessionKeyLength = 20
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	19 maxTokenValid = time.Hour * 3
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	20 )
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	21
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	22 func NewSession(user, password string, roles []string) *Session {
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	23
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	24 // Create the Claims
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	25 return &Session{
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	26 ExpiresAt: time.Now().Add(maxTokenValid).Unix(),
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	27 User: user,
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	28 Password: password,
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	29 Roles: roles,
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	30 }
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	31 }
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	32
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	33 func GenerateSessionKey() string {
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	34 return base64.URLEncoding.EncodeToString(GenerateRandomKey(sessionKeyLength))
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	35 }
29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	36
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	37 func GenerateRandomKey(length int) []byte {
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	38 k := make([]byte, length)
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	39 if _, err := io.ReadFull(rand.Reader, k); err != nil {
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	40 return nil
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	41 }
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	42 return k
119 29e56c342c9f Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	43 }
124 bb9120d28950 Generate JWT from database roles. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 119 diff changeset	44
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	45 func GenerateSession(user, password string) (string, *Session, error) {
124 bb9120d28950 Generate JWT from database roles. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 119 diff changeset	46 roles, err := AllOtherRoles(user, password)
bb9120d28950 Generate JWT from database roles. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 119 diff changeset	47 if err != nil {
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	48 return "", nil, err
124 bb9120d28950 Generate JWT from database roles. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 119 diff changeset	49 }
134 0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	50 token := GenerateSessionKey()
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	51 session := NewSession(user, password, roles)
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	52 ConnPool.Add(token, session)
0c56c56a1c44 Removed the JWT layer from the session management. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 124 diff changeset	53 return token, session, nil
124 bb9120d28950 Generate JWT from database roles. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 119 diff changeset	54 }

Mercurial > gemma

annotate auth/session.go @ 149:83d798ea9f58