session

package module
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 27, 2024 License: MIT Imports: 17 Imported by: 0

README

Session

Overview

The Session repository is designed to handle the management of user sessions, including authorization, storage, and expiration. It provides a framework for manageing sessions across different databases and supports multiple login types.

Features

  • Session Management: Efficient handling of user session creation, storage, and expiration.
  • Database Support: Seamless integration with multiple databases.
    • PostgreSQL
    • Google Cloud Spanner
  • Login Types: Supports multiple authentication methods.
    • Azure OIDC
    • Credentials
Created and maintained by the CCC team.

Documentation

Overview

package session implements the session management for the application.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type LogHandler 

type LogHandler func(handler func(w http.ResponseWriter, r *http.Request) error) http.HandlerFunc

type OIDCAzureHandlers 

type OIDCAzureHandlers interface {
	Authenticated() http.HandlerFunc
	CallbackOIDC() http.HandlerFunc
	FrontChannelLogout() http.HandlerFunc
	Login() http.HandlerFunc
	Logout() http.HandlerFunc
}

type OIDCAzureSession 

type OIDCAzureSession struct {
	// contains filtered or unexported fields
}

func NewOIDCAzure 

func NewOIDCAzure(
	oidcAuthenticator oidc.Authenticator, oidcSession OIDCAzureSessionStorage, userManager UserManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
) *OIDCAzureSession

func (*OIDCAzureSession) Authenticated 

func (s *OIDCAzureSession) Authenticated() http.HandlerFunc

Authenticated is the handler reports if the session is authenticated

func (*OIDCAzureSession) CallbackOIDC 

func (o *OIDCAzureSession) CallbackOIDC() http.HandlerFunc

CallbackOIDC is the handler for the callback from the OIDC auth provider

func (*OIDCAzureSession) FrontChannelLogout 

func (o *OIDCAzureSession) FrontChannelLogout() http.HandlerFunc

FrontChannelLogout is a handler which destroys the current session for a logout request initiated by the OIDC provider

func (*OIDCAzureSession) Login 

func (o *OIDCAzureSession) Login() http.HandlerFunc

func (*OIDCAzureSession) Logout 

func (s *OIDCAzureSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*OIDCAzureSession) SetSessionTimeout 

func (s *OIDCAzureSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*OIDCAzureSession) SetXSRFToken 

func (s *OIDCAzureSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*OIDCAzureSession) StartSession 

func (s *OIDCAzureSession) StartSession(next http.Handler) http.Handler

func (*OIDCAzureSession) ValidateSession 

func (s *OIDCAzureSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.

func (*OIDCAzureSession) ValidateXSRFToken 

func (s *OIDCAzureSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type OIDCAzureSessionStorage 

type OIDCAzureSessionStorage interface {
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

	// common storage functions that aren't oidc specific
	StorageManager
}

type PostgresqlOIDCSessionManager 

type PostgresqlOIDCSessionManager struct {
	*PostgresqlSessionManager
}

func NewPostgresqlOIDCSessionManager 

func NewPostgresqlOIDCSessionManager(accessor UserManager, db postgresql.Queryer) *PostgresqlOIDCSessionManager

func (*PostgresqlOIDCSessionManager) DestroySessionOIDC 

func (p *PostgresqlOIDCSessionManager) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*PostgresqlOIDCSessionManager) NewSession 

func (p *PostgresqlOIDCSessionManager) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (*PostgresqlOIDCSessionManager) Session 

func (p *PostgresqlOIDCSessionManager) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for given sessionID

type PostgresqlSessionManager 

type PostgresqlSessionManager struct {
	// contains filtered or unexported fields
}

func NewPostgresqlManager 

func NewPostgresqlManager(accessor UserManager, dbcon postgresql.Queryer) *PostgresqlSessionManager

func (*PostgresqlSessionManager) DestroySession 

func (p *PostgresqlSessionManager) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresqlSessionManager) UpdateSessionActivity 

func (p *PostgresqlSessionManager) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type StorageManager 

type StorageManager interface {
	DestroySession(ctx context.Context, sessionID ccc.UUID) error
	UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error
	Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)
}

type UserManager 

type UserManager interface {
	Domains(ctx context.Context) ([]access.Domain, error)
	UserRoles(ctx context.Context, username access.User, domain ...access.Domain) (map[access.Domain][]access.Role, error)
	RoleExists(ctx context.Context, role access.Role, domain access.Domain) bool
	AddUserRoles(ctx context.Context, user access.User, roles []access.Role, domain access.Domain) error
	DeleteUserRole(ctx context.Context, user access.User, role access.Role, domain access.Domain) error
	UserPermissions(ctx context.Context, username access.User, domain ...access.Domain) (map[access.Domain][]access.Permission, error)
}

Source Files

View all Source files

Directories

Path Synopsis
mock package is used to generate mock files for testing
 mock package is used to generate mock files for testing
mock_oidc
Package mock_oidc is a generated GoMock package.
 Package mock_oidc is a generated GoMock package.
mock_postgres
Package mock_postgresql is a generated GoMock package.
 Package mock_postgresql is a generated GoMock package.
mock_session
Package mock_session is a generated GoMock package.
 Package mock_session is a generated GoMock package.
oidc contains the app-specific methods related to auth via Open ID Connect (OIDC)
 oidc contains the app-specific methods related to auth via Open ID Connect (OIDC)
package postgresql implements the database layer for postgresql
 package postgresql implements the database layer for postgresql
sessioninfo package handles session information.
 sessioninfo package handles session information.
util is used for general utility function such as generic sorting/filtering and more
 util is used for general utility function such as generic sorting/filtering and more

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.