session

v0.2.0 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 11, 2024 License: MIT Imports: 19 Imported by: 0

README

Session

Overview

The Session repository handles the management of user sessions, including authorization, storage, and expiration. It provides a framework for managing sessions across different databases and supports multiple login types.

Features

  • Session Management: Efficient handling of user session creation, storage, and expiration.
  • Database Support: Seamless integration with multiple databases.
    • PostgreSQL
    • Google Cloud Spanner
  • Login Types: Supports multiple authentication methods.
    • Azure OIDC
    • Username/Password

Created and maintained by the CCC team.

Documentation

Overview

package session implements the session management for the application.


Types

type LogHandler

type LogHandler func(handler func(w http.ResponseWriter, r *http.Request) error) http.HandlerFunc

type OIDCAzureHandlers

type OIDCAzureHandlers interface {
	Authenticated() http.HandlerFunc
	CallbackOIDC() http.HandlerFunc
	FrontChannelLogout() http.HandlerFunc
	Login() http.HandlerFunc
	Logout() http.HandlerFunc
}

type OIDCAzureSession

type OIDCAzureSession struct {
	// contains filtered or unexported fields
}

func NewOIDCAzure

func NewOIDCAzure(
	oidcAuthenticator oidc.Authenticator, oidcSession OIDCAzureSessionStorage, userManager UserManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
) *OIDCAzureSession

func (*OIDCAzureSession) Authenticated

func (s *OIDCAzureSession) Authenticated() http.HandlerFunc

Authenticated is the handler that reports whether the session is authenticated

func (*OIDCAzureSession) CallbackOIDC

func (o *OIDCAzureSession) CallbackOIDC() http.HandlerFunc

CallbackOIDC is the handler for the callback from the OIDC auth provider

func (*OIDCAzureSession) FrontChannelLogout

func (o *OIDCAzureSession) FrontChannelLogout() http.HandlerFunc

FrontChannelLogout is a handler which destroys the current session for a logout request initiated by the OIDC provider

func (*OIDCAzureSession) Login

func (o *OIDCAzureSession) Login() http.HandlerFunc

func (*OIDCAzureSession) Logout

func (s *OIDCAzureSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*OIDCAzureSession) SetSessionTimeout

func (s *OIDCAzureSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*OIDCAzureSession) SetXSRFToken

func (s *OIDCAzureSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*OIDCAzureSession) StartSession

func (s *OIDCAzureSession) StartSession(next http.Handler) http.Handler

func (*OIDCAzureSession) ValidateSession

func (s *OIDCAzureSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.
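
A minimal sketch of the idle-timeout check that ValidateSession describes, added here as an illustration and not taken from this package's source. The names memStore, touch, validate and statusAt and the "sid" cookie name are hypothetical, and an in-memory map stands in for the PostgreSQL or Spanner session table.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"time"
)

// memStore maps session ID to last activity (hypothetical; not goroutine-safe).
type memStore map[string]time.Time

// touch refreshes a live session's activity time; stale or unknown IDs are rejected.
func (m memStore) touch(id string, now time.Time, idle time.Duration) bool {
	last, ok := m[id]
	if !ok || now.Sub(last) > idle {
		delete(m, id) // the page's managers mark the row expired instead of deleting
		return false
	}
	m[id] = now
	return true
}

// validate is middleware that returns 401 unless the "sid" cookie names a live session.
func validate(m memStore, idle time.Duration, now func() time.Time, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie("sid")
		if err != nil || !m.touch(c.Value, now(), idle) {
			http.Error(w, "session expired", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusAt sends one request for session id at time t (15-minute idle timeout).
func statusAt(m memStore, id string, t time.Time) int {
	req := httptest.NewRequest(http.MethodGet, "/", nil)
	req.AddCookie(&http.Cookie{Name: "sid", Value: id})
	rec := httptest.NewRecorder()
	next := http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}) // replies 200
	validate(m, 15*time.Minute, func() time.Time { return t }, next).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	t0 := time.Date(2024, 9, 11, 12, 0, 0, 0, time.UTC) // constructed sample data
	m := memStore{"s1": t0}
	fmt.Println(statusAt(m, "s1", t0.Add(10*time.Minute)), statusAt(m, "s1", t0.Add(30*time.Minute)))
}
```

Because each accepted request moves the activity time forward, the timeout is a sliding idle window rather than an absolute session lifetime; a separate hard cap is needed if sessions must end regardless of activity.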

func (*OIDCAzureSession) ValidateXSRFToken

func (s *OIDCAzureSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type OIDCAzureSessionStorage

type OIDCAzureSessionStorage interface {
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

type PostgresOIDCSessionManager added in v0.1.2

type PostgresOIDCSessionManager struct {
	// contains filtered or unexported fields
}

func NewPostgresOIDCSessionManager added in v0.1.2

func NewPostgresOIDCSessionManager(userManager UserManager, db postgres.Queryer) *PostgresOIDCSessionManager

func (PostgresOIDCSessionManager) DestroySession added in v0.1.2

func (p PostgresOIDCSessionManager) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresOIDCSessionManager) DestroySessionOIDC added in v0.1.2

func (p *PostgresOIDCSessionManager) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*PostgresOIDCSessionManager) NewSession added in v0.1.2

func (p *PostgresOIDCSessionManager) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (PostgresOIDCSessionManager) Session added in v0.1.2

func (p PostgresOIDCSessionManager) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for the given sessionID

func (PostgresOIDCSessionManager) UpdateSessionActivity added in v0.1.2

func (p PostgresOIDCSessionManager) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type SpannerOIDCSessionManager added in v0.1.2

type SpannerOIDCSessionManager struct {
	// contains filtered or unexported fields
}

func NewSpannerOIDCSessionManager added in v0.1.2

func NewSpannerOIDCSessionManager(userManager UserManager, db *cloudspanner.Client) *SpannerOIDCSessionManager

func (SpannerOIDCSessionManager) DestroySession added in v0.1.2

func (p SpannerOIDCSessionManager) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*SpannerOIDCSessionManager) DestroySessionOIDC added in v0.1.2

func (p *SpannerOIDCSessionManager) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*SpannerOIDCSessionManager) NewSession added in v0.1.2

func (p *SpannerOIDCSessionManager) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (SpannerOIDCSessionManager) Session added in v0.1.2

func (p SpannerOIDCSessionManager) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for the given sessionID

func (SpannerOIDCSessionManager) UpdateSessionActivity added in v0.1.2

func (p SpannerOIDCSessionManager) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type UserManager

type UserManager interface {
	Domains(ctx context.Context) ([]accesstypes.Domain, error)
	UserRoles(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.RoleCollection, error)
	RoleExists(ctx context.Context, domain accesstypes.Domain, role accesstypes.Role) bool
	AddUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	DeleteUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	UserPermissions(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)
}

Directories

Path Synopsis
mock package is used to generate mock files for testing
mock_oidc
Package mock_oidc is a generated GoMock package.
mock_postgres
Package mock_postgres is a generated GoMock package.
mock_session
Package mock_session is a generated GoMock package.
oidc contains the app-specific methods related to auth via Open ID Connect (OIDC)
package postgresql implements the database layer for postgresql
sessioninfo package handles session information.
spanner provides our data storage API backed by Google Cloud Spanner
util is used for general utility function such as generic sorting/filtering and more
