session

package module
v0.5.9 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 3, 2025 License: MIT Imports: 20 Imported by: 0

README

Session

Overview

The Session repository is designed to handle the management of user sessions, including authorization, storage, and expiration. It provides a framework for managing sessions across different databases and supports multiple login types.

Features

  • Session Management: Efficient handling of user session creation, storage, and expiration.
  • Database Support: Seamless integration with multiple databases.
    • PostgreSQL
    • Google Cloud Spanner
  • Login Types: Supports multiple authentication methods.
    • Azure OIDC
    • Username/Password
Created and maintained by the CCC team.

Documentation

Overview

Package session implements the session management for the application.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CookieOption added in v0.5.8

type CookieOption func(*cookieClient)

CookieOption defines a function signature for setting cookie client options.

func WithCookieDomain added in v0.5.8

func WithCookieDomain(domain string) CookieOption

WithCookieDomain sets the domain for the session cookie.

func WithCookieName added in v0.5.8

func WithCookieName(name string) CookieOption

WithCookieName sets the cookie name for the session cookie.

type DB added in v0.4.1

type DB interface {
	// SessionOIDC returns the session information from the database for given sessionID.
	SessionOIDC(ctx context.Context, sessionID ccc.UUID) (*dbtype.SessionOIDC, error)
	// InsertSessionOIDC creates a new session in the database and returns its session ID.
	InsertSessionOIDC(ctx context.Context, session *dbtype.InsertSessionOIDC) (ccc.UUID, error)
	// DestroySessionOIDC marks the session as expired by oidcSID.
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	// Session returns the session information from the database for given sessionID.
	Session(ctx context.Context, sessionID ccc.UUID) (*dbtype.Session, error)
	// InsertSession creates a new session in the database and returns its session ID.
	InsertSession(ctx context.Context, session *dbtype.InsertSession) (ccc.UUID, error)
	// UpdateSessionActivity updates the session activity column with the current time.
	UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error
	// DestroySession marks the session as expired.
	DestroySession(ctx context.Context, sessionID ccc.UUID) error
}

DB defines an interface for database operations related to session management.

type DisabledUserManager added in v0.4.0

type DisabledUserManager struct{}

DisabledUserManager implements the UserManager interface but disables all user management functions.

func DisableUserManagement added in v0.4.0

func DisableUserManagement() DisabledUserManager

DisableUserManagement returns a DisabledUserManager instance.

func (DisabledUserManager) AddUserRoles added in v0.4.0

AddUserRoles does nothing and returns nil.

func (DisabledUserManager) DeleteUserRoles added in v0.4.0

DeleteUserRoles does nothing and returns nil.

func (DisabledUserManager) Domains added in v0.4.0

Domains returns a default global domain.

func (DisabledUserManager) RoleExists added in v0.4.0

RoleExists always returns true, indicating that any role exists.

func (DisabledUserManager) UserPermissions added in v0.4.0

UserPermissions returns an empty UserPermissionCollection.

func (DisabledUserManager) UserRoles added in v0.4.0

UserRoles always returns an empty RoleCollection.

type LogHandler

type LogHandler func(handler func(w http.ResponseWriter, r *http.Request) error) http.HandlerFunc

LogHandler defines the functional option type for handling logs.

type OIDCAzureHandlers

type OIDCAzureHandlers interface {
	CallbackOIDC() http.HandlerFunc
	FrontChannelLogout() http.HandlerFunc
	Login() http.HandlerFunc
	// contains filtered or unexported methods
}

OIDCAzureHandlers defines the interface for OIDC Azure session handlers.

type OIDCAzureOption added in v0.5.8

type OIDCAzureOption interface {
	// contains filtered or unexported methods
}

OIDCAzureOption defines the interface for functional options used when creating a new OIDCAzureSession.

type OIDCAzureSession

type OIDCAzureSession struct {
	// contains filtered or unexported fields
}

OIDCAzureSession implements the OIDCAzureHandlers interface for handling OIDC authentication with Azure.

func NewOIDCAzure

func NewOIDCAzure(
	oidcAuthenticator oidc.Authenticator, oidcSession OIDCAzureSessionStorage, userManager UserManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
	options ...OIDCAzureOption,
) *OIDCAzureSession

NewOIDCAzure creates a new OIDCAzureSession.

func (*OIDCAzureSession) Authenticated

func (s *OIDCAzureSession) Authenticated() http.HandlerFunc

Authenticated is the handler that reports whether the session is authenticated.

func (*OIDCAzureSession) CallbackOIDC

func (o *OIDCAzureSession) CallbackOIDC() http.HandlerFunc

CallbackOIDC is the handler for the callback from the OIDC auth provider

func (*OIDCAzureSession) FrontChannelLogout

func (o *OIDCAzureSession) FrontChannelLogout() http.HandlerFunc

FrontChannelLogout is a handler which destroys the current session for a logout request initiated by the OIDC provider

func (*OIDCAzureSession) Login

func (o *OIDCAzureSession) Login() http.HandlerFunc

Login initiates the OIDC login flow by redirecting the user to the authorization URL.

func (*OIDCAzureSession) Logout

func (s *OIDCAzureSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*OIDCAzureSession) SetSessionTimeout

func (s *OIDCAzureSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*OIDCAzureSession) SetXSRFToken

func (s *OIDCAzureSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*OIDCAzureSession) StartSession

func (s *OIDCAzureSession) StartSession(next http.Handler) http.Handler

func (*OIDCAzureSession) ValidateSession

func (s *OIDCAzureSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.

func (*OIDCAzureSession) ValidateXSRFToken

func (s *OIDCAzureSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type OIDCAzureSessionStorage

type OIDCAzureSessionStorage interface {
	DestroySessionOIDC(ctx context.Context, oidcSID string) error
	NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

OIDCAzureSessionStorage defines an interface for managing OIDC sessions.

type PostgresOIDCSessionStorage added in v0.4.0

type PostgresOIDCSessionStorage struct {
	// contains filtered or unexported fields
}

PostgresOIDCSessionStorage is the session storage implementation for PostgreSQL with OIDC support.

func NewPostgresOIDCSessionStorage added in v0.4.0

func NewPostgresOIDCSessionStorage(db postgres.Queryer) *PostgresOIDCSessionStorage

NewPostgresOIDCSessionStorage creates a new PostgresOIDCSessionStorage instance.

func (*PostgresOIDCSessionStorage) DestroySession added in v0.4.0

func (p *PostgresOIDCSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresOIDCSessionStorage) DestroySessionOIDC added in v0.4.0

func (p *PostgresOIDCSessionStorage) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*PostgresOIDCSessionStorage) NewSession added in v0.4.0

func (p *PostgresOIDCSessionStorage) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (*PostgresOIDCSessionStorage) Session added in v0.4.0

Session returns the session information from the database for given sessionID

func (*PostgresOIDCSessionStorage) UpdateSessionActivity added in v0.4.0

func (p *PostgresOIDCSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type PostgresPreauthSessionStorage added in v0.4.0

type PostgresPreauthSessionStorage struct {
	// contains filtered or unexported fields
}

PostgresPreauthSessionStorage creates and updates sessions, either inside the handlers or standalone if you don't want the handlers.

func NewPostgresPreauthSessionStorage added in v0.4.0

func NewPostgresPreauthSessionStorage(db postgres.Queryer) *PostgresPreauthSessionStorage

NewPostgresPreauthSessionStorage creates the session manager that handles session creation and updates.

func (*PostgresPreauthSessionStorage) DestroySession added in v0.4.0

func (p *PostgresPreauthSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*PostgresPreauthSessionStorage) NewSession added in v0.4.0

func (p *PostgresPreauthSessionStorage) NewSession(ctx context.Context, username string) (ccc.UUID, error)

NewSession inserts SessionInfo into the spanner database

func (*PostgresPreauthSessionStorage) Session added in v0.4.0

Session returns the session information from the database for given sessionID

func (*PostgresPreauthSessionStorage) UpdateSessionActivity added in v0.4.0

func (p *PostgresPreauthSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type PreAuthHandlers added in v0.4.0

type PreAuthHandlers interface {
	NewSession(ctx context.Context, w http.ResponseWriter, r *http.Request, username string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

PreAuthHandlers defines the interface for pre-authentication session handlers.

type PreAuthOption added in v0.5.8

type PreAuthOption interface {
	// contains filtered or unexported methods
}

PreAuthOption defines the functional option type for configuring PreauthSession.

type PreauthSession added in v0.4.0

type PreauthSession struct {
	// contains filtered or unexported fields
}

PreauthSession handles session management for pre-authentication scenarios.

func NewPreauth added in v0.4.0

func NewPreauth(
	preauthSession PreauthSessionStorage, userPermissionManager UserPermissionManager,
	logHandler LogHandler, secureCookie *securecookie.SecureCookie, sessionTimeout time.Duration,
	options ...PreAuthOption,
) *PreauthSession

NewPreauth creates a new PreauthSession instance.

func (*PreauthSession) Authenticated added in v0.4.0

func (s *PreauthSession) Authenticated() http.HandlerFunc

Authenticated is the handler that reports whether the session is authenticated.

func (*PreauthSession) Logout added in v0.4.0

func (s *PreauthSession) Logout() http.HandlerFunc

Logout is a handler which destroys the current session

func (*PreauthSession) NewSession added in v0.4.0

func (p *PreauthSession) NewSession(ctx context.Context, w http.ResponseWriter, r *http.Request, username string) (ccc.UUID, error)

NewSession creates a new session for a pre-authenticated user.

func (*PreauthSession) SetSessionTimeout added in v0.4.0

func (s *PreauthSession) SetSessionTimeout(next http.Handler) http.Handler

SetSessionTimeout is a Handler to set the session timeout

func (*PreauthSession) SetXSRFToken added in v0.4.0

func (s *PreauthSession) SetXSRFToken(next http.Handler) http.Handler

SetXSRFToken sets the XSRF Token

func (*PreauthSession) StartSession added in v0.4.0

func (s *PreauthSession) StartSession(next http.Handler) http.Handler

func (*PreauthSession) ValidateSession added in v0.4.0

func (s *PreauthSession) ValidateSession(next http.Handler) http.Handler

ValidateSession checks the sessionID in the database to validate that it has not expired and updates the last activity timestamp if it is still valid.
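
The check-then-touch behaviour described for ValidateSession here and on OIDCAzureSession (reject an expired session, otherwise refresh its last activity), as an added example that is not the package's own code. The names memStore, touch, validate and demo, the session_id cookie name and the 15-minute timeout are assumptions, and the cookie is read unencoded where the package takes a securecookie.SecureCookie.

```go
package main

import (
	"fmt"
	"net/http"
	"sync"
	"time"
)

// memStore is a hypothetical in-memory stand-in for the package's database-backed storage.
type memStore struct {
	mu      sync.Mutex
	last    map[string]time.Time // session ID -> last activity
	timeout time.Duration
	now     func() time.Time // injectable clock so the example is deterministic
}

// touch reports whether id is still valid and slides its last-activity time only if so.
func (m *memStore) touch(id string) bool {
	m.mu.Lock()
	defer m.mu.Unlock()
	last, ok := m.last[id]
	if !ok || m.now().Sub(last) > m.timeout {
		delete(m.last, id) // no-op for unknown IDs; an idle session cannot be revived
		return false
	}
	m.last[id] = m.now()
	return true
}

// validate has the func(http.Handler) http.Handler shape of the package's middleware.
func (m *memStore) validate(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie("session_id") // assumed cookie name, read unencoded
		if err != nil || !m.touch(c.Value) {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// demo replays constructed request gaps (minutes) against a 15-minute idle timeout.
func demo() (ok []bool) {
	clock := time.Unix(0, 0)
	m := &memStore{last: map[string]time.Time{"abc": clock}, timeout: 15 * time.Minute, now: func() time.Time { return clock }}
	for _, gap := range []time.Duration{10, 10, 16, 1} {
		clock = clock.Add(gap * time.Minute)
		ok = append(ok, m.touch("abc"))
	}
	return ok
}

func main() { fmt.Println(demo()) }
```

The second request succeeds 20 minutes after creation because the timeout is measured from the last activity, and the request after the 16-minute gap fails for good rather than restarting the clock.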

func (*PreauthSession) ValidateXSRFToken added in v0.4.0

func (s *PreauthSession) ValidateXSRFToken(next http.Handler) http.Handler

ValidateXSRFToken validates the XSRF Token

type PreauthSessionStorage added in v0.4.0

type PreauthSessionStorage interface {
	NewSession(ctx context.Context, username string) (ccc.UUID, error)
	// contains filtered or unexported methods
}

PreauthSessionStorage defines an interface for managing pre-authenticated sessions.

type SpannerOIDCSessionStorage added in v0.4.0

type SpannerOIDCSessionStorage struct {
	// contains filtered or unexported fields
}

SpannerOIDCSessionStorage is the session storage implementation for Spanner with OIDC support.

func NewSpannerOIDCSessionStorage added in v0.4.0

func NewSpannerOIDCSessionStorage(db *cloudspanner.Client) *SpannerOIDCSessionStorage

NewSpannerOIDCSessionStorage creates a new SpannerOIDCSessionStorage instance.

func (*SpannerOIDCSessionStorage) DestroySession added in v0.4.0

func (p *SpannerOIDCSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*SpannerOIDCSessionStorage) DestroySessionOIDC added in v0.4.0

func (p *SpannerOIDCSessionStorage) DestroySessionOIDC(ctx context.Context, oidcSID string) error

DestroySessionOIDC marks the session as expired

func (*SpannerOIDCSessionStorage) NewSession added in v0.4.0

func (p *SpannerOIDCSessionStorage) NewSession(ctx context.Context, username, oidcSID string) (ccc.UUID, error)

NewSession inserts SessionInfo into database

func (*SpannerOIDCSessionStorage) Session added in v0.4.0

Session returns the session information from the database for given sessionID

func (*SpannerOIDCSessionStorage) UpdateSessionActivity added in v0.4.0

func (p *SpannerOIDCSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type SpannerPreauthSessionStorage added in v0.4.0

type SpannerPreauthSessionStorage struct {
	// contains filtered or unexported fields
}

SpannerPreauthSessionStorage creates and updates sessions, either inside the handlers or standalone if you don't want the handlers.

func NewSpannerPreauthSessionStorage added in v0.4.0

func NewSpannerPreauthSessionStorage(db *cloudspanner.Client) *SpannerPreauthSessionStorage

NewSpannerPreauthSessionStorage creates the session manager that handles session creation and updates.

func (*SpannerPreauthSessionStorage) DestroySession added in v0.4.0

func (p *SpannerPreauthSessionStorage) DestroySession(ctx context.Context, sessionID ccc.UUID) error

DestroySession marks the session as expired

func (*SpannerPreauthSessionStorage) NewSession added in v0.4.0

func (p *SpannerPreauthSessionStorage) NewSession(ctx context.Context, username string) (ccc.UUID, error)

NewSession inserts SessionInfo into the spanner database

func (*SpannerPreauthSessionStorage) Session added in v0.4.0

Session returns the session information from the database for given sessionID

func (*SpannerPreauthSessionStorage) UpdateSessionActivity added in v0.4.0

func (p *SpannerPreauthSessionStorage) UpdateSessionActivity(ctx context.Context, sessionID ccc.UUID) error

UpdateSessionActivity updates the database with the current time for the session activity

type UserManager

type UserManager interface {
	Domains(ctx context.Context) ([]accesstypes.Domain, error)
	UserRoles(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.RoleCollection, error)
	RoleExists(ctx context.Context, domain accesstypes.Domain, role accesstypes.Role) bool
	AddUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	DeleteUserRoles(ctx context.Context, domain accesstypes.Domain, user accesstypes.User, roles ...accesstypes.Role) error
	UserPermissions(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)
}

UserManager defines an interface for managing user-related information.

type UserPermissionManager added in v0.4.0

type UserPermissionManager interface {
	UserPermissions(ctx context.Context, user accesstypes.User, domains ...accesstypes.Domain) (accesstypes.UserPermissionCollection, error)
}

UserPermissionManager defines an interface for retrieving user permissions.

Directories

Path Synopsis
Package dbtype contains types used by the database driver packages for session storage.
Package mock is used to generate mock files for testing.
mock_loader
Package mock_loader is a generated GoMock package.
mock_oidc
Package mock_oidc is a generated GoMock package.
mock_postgres
Package mock_postgres is a generated GoMock package.
mock_session
Package mock_session is a generated GoMock package.
Package oidc provides configuration settings for OIDC.
loader
Package loader contains interfaces for safely accessing an OIDC Provider.
Package postgres implements the session storage driver for PostgreSQL.
Package sessioninfo handles session information.
Package spanner provides the session storage driver for Spanner.
Package util is used for general utility function such as generic sorting/filtering and more.
