session

package module
v0.5.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 24, 2025 License: MIT Imports: 20 Imported by: 0

README

Session

Overview

The Session repository is designed to handle the management of user sessions, including authorization, storage, and expiration. It provides a framework for manageing sessions across different databases and supports multiple login types.

Features

  • Session Management: Efficient handling of user session creation, storage, and expiration.
  • Database Support: Seamless integration with multiple databases.
    • PostgreSQL
    • Google Cloud Spanner
  • Login Types: Supports multiple authentication methods.
    • Azure OIDC
    • Username/Password
Created and maintained by the CCC team.

Documentation

Overview

package session implements the session management for the application.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DB added in v0.4.1 

type DB interface {
	// SessionOIDC returns the session information from the database for given sessionID.
	SessionOIDC(ctx context.Context, sessionID ccc.UUID) (*dbtype.SessionOIDC, error)
	// InsertSessionOIDC creates a new session in the database and returns its session ID.
	InsertSessionOIDC(ctx context.Context, session *dbtype.InsertSessionOIDC) (ccc.UUID, error)
	// DestroySessionOIDC marks the session as expired by oidcSID.
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	// Session returns the session information from the database for given sessionID.
	Session(ctx context.Context, sessionID ccc.UUID) (*dbtype.Session, error)
	// InsertSession creates a new session in the database and returns its session ID.
	InsertSession(ctx context.Context, session *dbtype.InsertSession) (ccc.UUID, error)
	// UpdateSessionActivity updates the session activity column with the current time.
	UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error
	// DestroySession marks the session as expired.
	DestroySession(ctx context.Context, sessionID ccc.UUID) error
}

type DisabledUserManager added in v0.4.0 

type DisabledUserManager struct{}

func DisableUserManagement added in v0.4.0 

func DisableUserManagement() DisabledUserManager

func (DisabledUserManager) AddUserRoles added in v0.4.0 

func (d DisabledUserManager) AddUserRoles(_ context.Context, _ accesstypes.Domain, _ accesstypes.User, _ ...accesstypes.Role) error

func (DisabledUserManager) DeleteUserRoles added in v0.4.0 

func (d DisabledUserManager) DeleteUserRoles(_ context.Context, _ accesstypes.Domain, _ accesstypes.User, _ ...accesstypes.Role) error

func (DisabledUserManager) Domains added in v0.4.0 

func (d DisabledUserManager) Domains(_ context.Context) ([]accesstypes.Domain, error)

func (DisabledUserManager) RoleExists added in v0.4.0 

func (d DisabledUserManager) RoleExists(_ context.Context, _ accesstypes.Domain, _ accesstypes.Role) bool

func (DisabledUserManager) UserPermissions added in v0.4.0 

func (d DisabledUserManager) UserPermissions(_ context.Context, _ accesstypes.User, _ ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)

func (DisabledUserManager) UserRoles added in v0.4.0 

func (d DisabledUserManager) UserRoles(_ context.Context, _ accesstypes.User, _ ...accesstypes.Domain) (accesstypes.RoleCollection, error)

type LogHandler 

type LogHandler func(handler func(w http.ResponseWriter, r *http.Request) error) http.HandlerFunc

type OIDCAzureHandlers 

type OIDCAzureHandlers interface {
	CallbackOIDC() http.HandlerFunc
	FrontChannelLogout() http.HandlerFunc
	Login() http.HandlerFunc
	// contains filtered or unexported methods
}

type OIDCAzureSession 

type OIDCAzureSession struct {
	// contains filtered or unexported fields
}

func NewOIDCAzure 

func NewOIDCAzure(
	oidcAuthenticator oidc.Authenticator, oidcSession OIDCAzureSessionStorage, userManager UserManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
) *OIDCAzureSession

func (*OIDCAzureSession) Authenticated 

func (s *OIDCAzureSession) Authenticated() http.HandlerFunc

Authenticated is the handler reports if the session is authenticated

func (*OIDCAzureSession) CallbackOIDC 

func (o *OIDCAzureSession) CallbackOIDC() http.HandlerFunc

CallbackOIDC is the handler for the callback from the OIDC auth provider

func (*OIDCAzureSession) FrontChannelLogout 

func (o *OIDCAzureSession) FrontChannelLogout() http.HandlerFunc

FrontChannelLogout is a handler which destroys the current session for a logout request initiated by the OIDC provider

func (*OIDCAzureSession) Login 

func (o *OIDCAzureSession) Login() http.HandlerFunc

func (*OIDCAzureSession) Logout 

func (s *OIDCAzureSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*OIDCAzureSession) SetSessionTimeout 

func (s *OIDCAzureSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*OIDCAzureSession) SetXSRFToken 

func (s *OIDCAzureSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*OIDCAzureSession) StartSession 

func (s *OIDCAzureSession) StartSession(next http.Handler) http.Handler

func (*OIDCAzureSession) ValidateSession 

func (s *OIDCAzureSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.

func (*OIDCAzureSession) ValidateXSRFToken 

func (s *OIDCAzureSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type OIDCAzureSessionStorage 

type OIDCAzureSessionStorage interface {
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

type PostgresOIDCSessionStorage added in v0.4.0 

type PostgresOIDCSessionStorage struct {
	// contains filtered or unexported fields
}

func NewPostgresOIDCSessionStorage added in v0.4.0 

func NewPostgresOIDCSessionStorage(db postgres.Queryer) *PostgresOIDCSessionStorage

func (*PostgresOIDCSessionStorage) DestroySession added in v0.4.0 

func (p *PostgresOIDCSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresOIDCSessionStorage) DestroySessionOIDC added in v0.4.0 

func (p *PostgresOIDCSessionStorage) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*PostgresOIDCSessionStorage) NewSession added in v0.4.0 

func (p *PostgresOIDCSessionStorage) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (*PostgresOIDCSessionStorage) Session added in v0.4.0 

func (p *PostgresOIDCSessionStorage) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for given sessionID

func (*PostgresOIDCSessionStorage) UpdateSessionActivity added in v0.4.0 

func (p *PostgresOIDCSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type PostgresPreauthSessionStorage added in v0.4.0 

type PostgresPreauthSessionStorage struct {
	// contains filtered or unexported fields
}

PostgresPreauthSessionStorage is what you use to create / update sessions inside of the handlers or as a standalone if you don't want the handlers

func NewPostgresPreauthSessionStorage added in v0.4.0 

func NewPostgresPreauthSessionStorage(db postgres.Queryer) *PostgresPreauthSessionStorage

NewPostgresPreauthSessionStorage is the function that you use to create the session manager that handles the session creation and updates

func (*PostgresPreauthSessionStorage) DestroySession added in v0.4.0 

func (p *PostgresPreauthSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresPreauthSessionStorage) NewSession added in v0.4.0 

func (p *PostgresPreauthSessionStorage) NewSession(ctx context.Context, username string) (ccc.UUID, error)

NewSession inserts SessionInfo into the spanner database

func (*PostgresPreauthSessionStorage) Session added in v0.4.0 

func (p *PostgresPreauthSessionStorage) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for given sessionID

func (*PostgresPreauthSessionStorage) UpdateSessionActivity added in v0.4.0 

func (p *PostgresPreauthSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type PreAuthHandlers added in v0.4.0 

type PreAuthHandlers interface {
	NewSession(ctx context.Context, w http.ResponseWriter, r *http.Request, username string) (ccc.UUID, error)
	NewSessionWithDomain(ctx context.Context, w http.ResponseWriter, r *http.Request, username string, domain string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

type PreauthSession added in v0.4.0 

type PreauthSession struct {
	// contains filtered or unexported fields
}

func NewPreauth added in v0.4.0 

func NewPreauth(
	preauthSession PreauthSessionStorage, userPermissionManager UserPermissionManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
) *PreauthSession

func (*PreauthSession) Authenticated added in v0.4.0 

func (s *PreauthSession) Authenticated() http.HandlerFunc

Authenticated is the handler reports if the session is authenticated

func (*PreauthSession) Logout added in v0.4.0 

func (s *PreauthSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*PreauthSession) NewSession added in v0.4.0 

func (p *PreauthSession) NewSession(ctx context.Context, w http.ResponseWriter, r *http.Request, username string) (ccc.UUID, error)

func (*PreauthSession) NewSessionWithDomain added in v0.5.6 

func (p *PreauthSession) NewSessionWithDomain(ctx context.Context, w http.ResponseWriter, r *http.Request, username, domain string) (ccc.UUID, error)

NewSessionWithDomain creates a new session and sets authentication cookies with a specified domain

func (*PreauthSession) SetSessionTimeout added in v0.4.0 

func (s *PreauthSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*PreauthSession) SetXSRFToken added in v0.4.0 

func (s *PreauthSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*PreauthSession) StartSession added in v0.4.0 

func (s *PreauthSession) StartSession(next http.Handler) http.Handler

func (*PreauthSession) ValidateSession added in v0.4.0 

func (s *PreauthSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.

func (*PreauthSession) ValidateXSRFToken added in v0.4.0 

func (s *PreauthSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type PreauthSessionStorage added in v0.4.0 

type PreauthSessionStorage interface {
	NewSession(ctx context.Context, username string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

type SpannerOIDCSessionStorage added in v0.4.0 

type SpannerOIDCSessionStorage struct {
	// contains filtered or unexported fields
}

func NewSpannerOIDCSessionStorage added in v0.4.0 

func NewSpannerOIDCSessionStorage(db *cloudspanner.Client) *SpannerOIDCSessionStorage

func (*SpannerOIDCSessionStorage) DestroySession added in v0.4.0 

func (p *SpannerOIDCSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*SpannerOIDCSessionStorage) DestroySessionOIDC added in v0.4.0 

func (p *SpannerOIDCSessionStorage) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*SpannerOIDCSessionStorage) NewSession added in v0.4.0 

func (p *SpannerOIDCSessionStorage) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (*SpannerOIDCSessionStorage) Session added in v0.4.0 

func (p *SpannerOIDCSessionStorage) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for given sessionID

func (*SpannerOIDCSessionStorage) UpdateSessionActivity added in v0.4.0 

func (p *SpannerOIDCSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type SpannerPreauthSessionStorage added in v0.4.0 

type SpannerPreauthSessionStorage struct {
	// contains filtered or unexported fields
}

SpannerPreauthSessionStorage is what you use to create / update sessions inside of the handlers or as a standalone if you don't want the handlers

func NewSpannerPreauthSessionStorage added in v0.4.0 

func NewSpannerPreauthSessionStorage(db *cloudspanner.Client) *SpannerPreauthSessionStorage

NewSpannerPreauthSessionStorage is the function that you use to create the session manager that handles the session creation and updates

func (*SpannerPreauthSessionStorage) DestroySession added in v0.4.0 

func (p *SpannerPreauthSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*SpannerPreauthSessionStorage) NewSession added in v0.4.0 

func (p *SpannerPreauthSessionStorage) NewSession(ctx context.Context, username string) (ccc.UUID, error)

NewSession inserts SessionInfo into the spanner database

func (*SpannerPreauthSessionStorage) Session added in v0.4.0 

func (p *SpannerPreauthSessionStorage) Session(ctx context.Context, sessionID ccc.UUID) (*sessioninfo.SessionInfo, error)

Session returns the session information from the database for given sessionID

func (*SpannerPreauthSessionStorage) UpdateSessionActivity added in v0.4.0 

func (p *SpannerPreauthSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type UserManager 

type UserManager interface {
	Domains(ctx context.Context) ([]accesstypes.Domain, error)
	UserRoles(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.RoleCollection, error)
	RoleExists(ctx context.Context, domain accesstypes.Domain, role accesstypes.Role) bool
	AddUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	DeleteUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	UserPermissions(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)
}

type UserPermissionManager added in v0.4.0 

type UserPermissionManager interface {
	UserPermissions(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)
}

Source Files

View all Source files

Directories

Path Synopsis
dbtype is a package that contains types used by the database driver packages for session storage.
 dbtype is a package that contains types used by the database driver packages for session storage.
mock package is used to generate mock files for testing
 mock package is used to generate mock files for testing
mock_loader
Package mock_loader is a generated GoMock package.
 Package mock_loader is a generated GoMock package.
mock_oidc
Package mock_oidc is a generated GoMock package.
 Package mock_oidc is a generated GoMock package.
mock_postgres
Package mock_postgres is a generated GoMock package.
 Package mock_postgres is a generated GoMock package.
mock_session
Package mock_session is a generated GoMock package.
 Package mock_session is a generated GoMock package.
oidc contains the app-specific methods related to auth via Open ID Connect (OIDC)
 oidc contains the app-specific methods related to auth via Open ID Connect (OIDC)
loader
provider contains interfaces for safely accessing an OIDC Provider
 provider contains interfaces for safely accessing an OIDC Provider
package postgres implements the session storage driver for PostgreSQL
 package postgres implements the session storage driver for PostgreSQL
sessioninfo package handles session information.
 sessioninfo package handles session information.
spanner provides the session storage driver for Spanner
 spanner provides the session storage driver for Spanner
util is used for general utility function such as generic sorting/filtering and more
 util is used for general utility function such as generic sorting/filtering and more

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.