Mercurial > gemma
view pkg/auth/store.go @ 3827:6028326b88d6 sld-colors
go fmt'ed
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Wed, 03 Jul 2019 17:48:47 +0200 |
parents | 0db742c7813d |
children | 7cccf7fef3e8 |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2018 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package auth import ( "bytes" "errors" "log" "time" "gemma.intevation.de/gemma/pkg/config" bolt "github.com/etcd-io/bbolt" ) // ErrNoSuchToken is returned if a given token does not // exists th the session store. var ErrNoSuchToken = errors.New("No such token") // Sessions is the global connection pool. var Sessions *SessionStore // SessionStore encapsulates a set of currently active sessions. type SessionStore struct { storage *bolt.DB sessions map[string]*Session cmds chan func() } var sessionsBucket = []byte("sessions") // NewSessionStore creates a new session store. // If the filename is empty the session are only hold in memory. // If the filename is not empty the sessions are mirrored to // a file with this name. Use the later option if you want // a persistent session store. func NewSessionStore(filename string) (*SessionStore, error) { ss := &SessionStore{ sessions: make(map[string]*Session), cmds: make(chan func()), } if err := ss.openStorage(filename); err != nil { return nil, err } go ss.run() return ss, nil } // openStorage opens a storage file. func (ss *SessionStore) openStorage(filename string) error { // No file, nothing to restore/persist. if filename == "" { return nil } db, err := bolt.Open(filename, 0600, nil) if err != nil { return err } err = db.Update(func(tx *bolt.Tx) error { b, err := tx.CreateBucketIfNotExists(sessionsBucket) if err != nil { return err } // pre-load sessions c := b.Cursor() for k, v := c.First(); k != nil; k, v = c.Next() { var session Session if err := session.deserialize(bytes.NewReader(v)); err != nil { return err } ss.sessions[string(k)] = &session } return nil }) if err != nil { db.Close() return err } ss.storage = db return nil } func (ss *SessionStore) run() { for { select { case cmd := <-ss.cmds: cmd() case <-time.After(time.Minute * 5): ss.cleanToken() } } } func (ss *SessionStore) cleanToken() { now := time.Now() for token, session := range ss.sessions { expires := time.Unix(session.ExpiresAt, 0) if expires.Before(now) { delete(ss.sessions, token) ss.remove(token) } } } func (ss *SessionStore) remove(token string) { if ss.storage == nil { return } err := ss.storage.Update(func(tx *bolt.Tx) error { b := tx.Bucket(sessionsBucket) return b.Delete([]byte(token)) }) if err != nil { log.Printf("error: %v\n", err) } } // Delete removes a session identified by its token from the // session store. Returns true if there was such s session. func (ss *SessionStore) Delete(token string) bool { res := make(chan bool) ss.cmds <- func() { if _, found := ss.sessions[token]; !found { res <- false return } delete(ss.sessions, token) ss.remove(token) res <- true } return <-res } func (ss *SessionStore) store(token string, session *Session) { if ss.storage == nil { return } err := ss.storage.Update(func(tx *bolt.Tx) error { b := tx.Bucket(sessionsBucket) var buf bytes.Buffer if err := session.serialize(&buf); err != nil { return err } return b.Put([]byte(token), buf.Bytes()) }) if err != nil { log.Printf("error: %v\n", err) } } // Add puts a session into the session store identified by // a given token. An old session with the same key will // be replaced. func (ss *SessionStore) Add(token string, session *Session) { res := make(chan struct{}) ss.cmds <- func() { defer close(res) s := ss.sessions[token] if s == nil { s = session ss.sessions[token] = session } s.touch() ss.store(token, s) } <-res } // Renew refreshes a session. It takes an old token to // identify a session and returns a new token with the // freshed up one. func (ss *SessionStore) Renew(token string) (string, error) { type result struct { newToken string err error } resCh := make(chan result) ss.cmds <- func() { session := ss.sessions[token] if session == nil { resCh <- result{err: ErrNoSuchToken} } else { delete(ss.sessions, token) ss.remove(token) newToken := generateSessionKey() // TODO: Ensure that this is not racy! session.ExpiresAt = time.Now().Add(config.SessionTimeout()).Unix() ss.sessions[newToken] = session ss.store(newToken, session) resCh <- result{newToken: newToken} } } r := <-resCh return r.newToken, r.err } // Session returns the session associated with given token. // Returns nil if no matching session was found. func (ss *SessionStore) Session(token string) *Session { res := make(chan *Session) ss.cmds <- func() { session := ss.sessions[token] if session == nil { res <- nil } else { session.touch() ss.store(token, session) res <- session } } return <-res } // Logout removes all sessions of a given user from the session store. func (ss *SessionStore) Logout(user string) { ss.cmds <- func() { for token, session := range ss.sessions { if session.User == user { delete(ss.sessions, token) ss.remove(token) } } } } // Shutdown closes the session store. // If using the persistent mode the backing session database is closed. func (ss *SessionStore) Shutdown() error { if db := ss.storage; db != nil { log.Println("info: shutdown persistent session store.") ss.storage = nil return db.Close() } log.Println("info: shutdown in-memory session store.") return nil }