From 3fcca6ab524083cc72b02808dc59c63272fae4a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20=C5=A0ediv=C3=BD?= Date: Sat, 13 Mar 2021 22:17:49 +0100 Subject: [PATCH] OnHostChanged event and add tokens to session. --- internal/api/members/controler.go | 2 +- internal/api/session.go | 4 +-- internal/session/auth.go | 2 +- internal/session/manager.go | 41 ++++++++++++++++++++++++++----- internal/session/session.go | 1 + internal/types/session.go | 5 ++-- 6 files changed, 43 insertions(+), 12 deletions(-) diff --git a/internal/api/members/controler.go b/internal/api/members/controler.go index a6ed8ca3..1a6d5a4f 100644 --- a/internal/api/members/controler.go +++ b/internal/api/members/controler.go @@ -68,7 +68,7 @@ func (h *MembersHandler) membersCreate(w http.ResponseWriter, r *http.Request) { // TODO: Refactor. // data.ID - session, err := h.sessions.Create(*data.MemberProfile) + session, _, err := h.sessions.Create(*data.MemberProfile) if err != nil { utils.HttpInternalServerError(w, err) return diff --git a/internal/api/session.go b/internal/api/session.go index 446843d8..69761ba0 100644 --- a/internal/api/session.go +++ b/internal/api/session.go @@ -31,7 +31,7 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) { } // TODO: Proper login. - session, err := api.sessions.Create(types.MemberProfile{ + session, token, err := api.sessions.Create(types.MemberProfile{ Name: data.ID, IsAdmin: true, CanLogin: true, @@ -53,7 +53,7 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) { http.SetCookie(w, &http.Cookie{ Name: "NEKO_SESSION", - Value: session.ID(), + Value: token, Expires: CookieExpirationDate, Secure: !UnsecureCookies, SameSite: sameSite, diff --git a/internal/session/auth.go b/internal/session/auth.go index 3a46dd34..5eb23bdb 100644 --- a/internal/session/auth.go +++ b/internal/session/auth.go @@ -14,7 +14,7 @@ func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, return nil, fmt.Errorf("no authentication provided") } - session, ok := manager.Get(token) + session, ok := manager.GetByToken(token) if !ok { return nil, fmt.Errorf("session not found") } diff --git a/internal/session/manager.go b/internal/session/manager.go index 66ebf2eb..26f9ed1a 100644 --- a/internal/session/manager.go +++ b/internal/session/manager.go @@ -19,6 +19,7 @@ func New(config *config.Session) *SessionManagerCtx { config: config, host: nil, hostMu: sync.Mutex{}, + tokens: make(map[string]string), sessions: make(map[string]*SessionCtx), sessionsMu: sync.Mutex{}, emmiter: events.New(), @@ -30,36 +31,48 @@ type SessionManagerCtx struct { config *config.Session host types.Session hostMu sync.Mutex + tokens map[string]string sessions map[string]*SessionCtx sessionsMu sync.Mutex emmiter events.EventEmmiter } -func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Session, error) { +func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Session, string, error) { id, err := utils.NewUID(32) if err != nil { - return nil, err + return nil, "", err + } + + token, err := utils.NewUID(64) + if err != nil { + return nil, "", err } manager.sessionsMu.Lock() - _, ok := manager.sessions[id] - if ok { + if _, ok := manager.sessions[id]; ok { manager.sessionsMu.Unlock() - return nil, fmt.Errorf("Session id already exists.") + return nil, "", fmt.Errorf("Session id already exists.") + } + + if _, ok := manager.tokens[token]; ok { + manager.sessionsMu.Unlock() + return nil, "", fmt.Errorf("Session token already exists.") } session := &SessionCtx{ id: id, + token: token, manager: manager, logger: manager.logger.With().Str("id", id).Logger(), profile: profile, } + manager.tokens[token] = id manager.sessions[id] = session manager.sessionsMu.Unlock() manager.emmiter.Emit("created", session) - return session, nil + return session, token, nil } func (manager *SessionManagerCtx) Update(id string, profile types.MemberProfile) error { @@ -87,6 +100,10 @@ func (manager *SessionManagerCtx) Delete(id string) error { return fmt.Errorf("Session id not found.") } + if _, ok := manager.tokens[session.token]; ok { + delete(manager.tokens, session.token) + } + delete(manager.sessions, id) manager.sessionsMu.Unlock() @@ -107,6 +124,18 @@ func (manager *SessionManagerCtx) Get(id string) (types.Session, bool) { return session, ok } +func (manager *SessionManagerCtx) GetByToken(token string) (types.Session, bool) { + manager.sessionsMu.Lock() + id, ok := manager.tokens[token] + manager.sessionsMu.Unlock() + + if !ok { + return nil, false + } + + return manager.Get(id) +} + func (manager *SessionManagerCtx) List() []types.Session { manager.sessionsMu.Lock() defer manager.sessionsMu.Unlock() diff --git a/internal/session/session.go b/internal/session/session.go index c58dfdbf..701b9d45 100644 --- a/internal/session/session.go +++ b/internal/session/session.go @@ -10,6 +10,7 @@ import ( type SessionCtx struct { id string + token string logger zerolog.Logger manager *SessionManagerCtx profile types.MemberProfile diff --git a/internal/types/session.go b/internal/types/session.go index bea5acef..443ed042 100644 --- a/internal/types/session.go +++ b/internal/types/session.go @@ -59,10 +59,11 @@ type Session interface { } type SessionManager interface { - Create(profile MemberProfile) (Session, error) + Create(profile MemberProfile) (Session, string, error) Update(id string, profile MemberProfile) error - Get(id string) (Session, bool) Delete(id string) error + Get(id string) (Session, bool) + GetByToken(token string) (Session, bool) List() []Session SetHost(host Session)