Mercurial > gemma
annotate auth/connection.go @ 215:f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Tue, 24 Jul 2018 11:09:18 +0200 |
parents | 3d0988d9f867 |
children | 11d1a488b08f |
rev | line source |
---|---|
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
1 package auth |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 import ( |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
4 "database/sql" |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
5 "errors" |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
6 "io" |
126
89cf2e7672ff
Implemented an explicit token deletion under endpoint /api/logout.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
27
diff
changeset
|
7 "log" |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
8 "sync" |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
9 "time" |
190
3457a60fb12d
Added stub for a persistent session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
151
diff
changeset
|
10 |
3457a60fb12d
Added stub for a persistent session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
151
diff
changeset
|
11 "gemma.intevation.de/gemma/config" |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
12 ) |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
13 |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
14 var ErrNoSuchToken = errors.New("No such token") |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
15 |
204
3d0988d9f867
De-virtualize the connection pool implementation.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
198
diff
changeset
|
16 var ConnPool = func() *ConnectionPool { |
3d0988d9f867
De-virtualize the connection pool implementation.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
198
diff
changeset
|
17 cp, err := NewConnectionPool(config.Config.SessionStore) |
3d0988d9f867
De-virtualize the connection pool implementation.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
198
diff
changeset
|
18 if err != nil { |
3d0988d9f867
De-virtualize the connection pool implementation.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
198
diff
changeset
|
19 log.Panicf("Error with session store: %v\n", err) |
190
3457a60fb12d
Added stub for a persistent session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
151
diff
changeset
|
20 } |
204
3d0988d9f867
De-virtualize the connection pool implementation.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
198
diff
changeset
|
21 return cp |
190
3457a60fb12d
Added stub for a persistent session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
151
diff
changeset
|
22 }() |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
23 |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
24 const ( |
130
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
25 maxOpen = 16 |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
26 maxDBIdle = time.Minute * 5 |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
27 ) |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
28 |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
29 type Connection struct { |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
30 session *Session |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
31 |
131
af114cf64822
Added some reference counting to open db connection to not forcefully close them when system is under pressure. TODO: check if this race free (it should).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
130
diff
changeset
|
32 access time.Time |
af114cf64822
Added some reference counting to open db connection to not forcefully close them when system is under pressure. TODO: check if this race free (it should).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
130
diff
changeset
|
33 db *sql.DB |
af114cf64822
Added some reference counting to open db connection to not forcefully close them when system is under pressure. TODO: check if this race free (it should).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
130
diff
changeset
|
34 refCount int |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
35 |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
36 mu sync.Mutex |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
37 } |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
38 |
198
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
39 func (c *Connection) serialize(w io.Writer) error { |
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
40 if err := c.session.serialize(w); err != nil { |
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
41 return err |
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
42 } |
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
43 access, err := c.last().MarshalText() |
215
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
44 if err != nil { |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
45 return err |
198
c20e86a3c073
Made serialisation of sessions symmetrical.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
197
diff
changeset
|
46 } |
215
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
47 wr := binWriter{w: w} |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
48 wr.write(uint32(len(access))) |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
49 wr.write(access) |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
50 return wr.err |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
51 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
52 |
197
e85413e5befa
Cleaned up serialisation/deserilisation of sessions a bit.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
193
diff
changeset
|
53 func (c *Connection) deserialize(r io.Reader) error { |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
54 session := new(Session) |
197
e85413e5befa
Cleaned up serialisation/deserilisation of sessions a bit.
Sascha L. Teichmann <teichmann@intevation.de>
parents:
193
diff
changeset
|
55 if err := session.deserialize(r); err != nil { |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
56 return err |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
57 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
58 |
215
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
59 rd := binReader{r: r} |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
60 var l uint32 |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
61 rd.read(&l) |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
62 access := make([]byte, l) |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
63 rd.read(access) |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
64 |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
65 if rd.err != nil { |
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
66 return rd.err |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
67 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
68 |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
69 var t time.Time |
215
f345edb409b2
Made serialisation and deserialisation of sessions more robust (fixed a small bug on the way).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
204
diff
changeset
|
70 if err := t.UnmarshalText(access); err != nil { |
193
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
71 return err |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
72 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
73 |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
74 *c = Connection{ |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
75 session: session, |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
76 access: t, |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
77 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
78 |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
79 return nil |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
80 } |
1585c334e8a7
More on persisting sessions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
190
diff
changeset
|
81 |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
82 func (c *Connection) set(session *Session) { |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
83 c.session = session |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
84 c.touch() |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
85 } |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
86 |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
87 func (c *Connection) touch() { |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
88 c.mu.Lock() |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
89 c.access = time.Now() |
134
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
90 c.mu.Unlock() |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
91 } |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
92 |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
93 func (c *Connection) last() time.Time { |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
94 c.mu.Lock() |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
95 access := c.access |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
96 c.mu.Unlock() |
0c56c56a1c44
Removed the JWT layer from the session management.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
133
diff
changeset
|
97 return access |
26
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
98 } |
96a429c5f227
Fundamental connection pool based on tokens.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
99 |
130
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
100 func (c *Connection) close() { |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
101 if c.db != nil { |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
102 if err := c.db.Close(); err != nil { |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
103 log.Printf("warn: %v\n", err) |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
104 } |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
105 c.db = nil |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
106 } |
13b82701b1fb
Take expiring time from serialized tokens to garbage collect them.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
129
diff
changeset
|
107 } |