Documentation ¶
Index ¶
- Constants
- Variables
- func CheckDelegatedJWT(instance *instance.Instance, token string) error
- func CookieDomain(i *instance.Instance) string
- func CookieName(i *instance.Instance) string
- func DeleteByOIDCSession(oidcProviderKey, sid string) (int, error)
- func DeleteBySID(inst *instance.Instance, sid string) error
- func DeleteOthers(i *instance.Instance, selfSessionID string) error
- func StoreNewLoginEntry(i *instance.Instance, sessionID, clientID string, req *http.Request, ...) error
- type Duration
- type ExternalClaims
- type LoginEntry
- type Session
- func (s *Session) Clone() couchdb.Doc
- func (s *Session) Delete(i *instance.Instance) *http.Cookie
- func (s *Session) DocType() string
- func (s *Session) Duration() Duration
- func (s *Session) ID() string
- func (s *Session) OlderThan(t time.Duration) bool
- func (s *Session) Rev() string
- func (s *Session) SetID(v string)
- func (s *Session) SetRev(v string)
- func (s *Session) ToCookie() (*http.Cookie, error)
Constants ¶
const SessionMaxAge = 30 * 24 * time.Hour
SessionMaxAge is the maximum duration of the session in seconds
Variables ¶
var (
	// ErrNoCookie is returned by GetSession if there is no cookie
	ErrNoCookie = errors.New("No session cookie")
	// ErrExpired is returned when the session has expired
	ErrExpired = errors.New("Session expired")
	// ErrInvalidID is returned by GetSession if the cookie contains wrong ID
	ErrInvalidID = errors.New("Session cookie has wrong ID")
)
var ForceHostOnlyCookies bool
ForceHostOnlyCookies can be set to true in tests to make cookies host-only. This is needed because test HTTP clients connect to 127.0.0.1, not to the instance domain, so domain-scoped cookies would not be sent back.
Functions ¶
func CheckDelegatedJWT ¶
CheckDelegatedJWT checks if a delegated JWT is valid for a given instance
func CookieDomain ¶
CookieDomain returns the domain on which the cookie will be set. On nested subdomains, the cookie is put on the domain of the instance, but for flat subdomains, we need to put it one level higher (e.g. .mycozy.cloud instead of .example.mycozy.cloud) to make the cookie available when the user visits their apps.
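Added example, not code from cozy-stack: a sketch of the scoping rule described for CookieDomain and ForceHostOnlyCookies, checked against Go's net/http/cookiejar to see which hosts get the cookie back. The helper names, the example.mycozy.cloud instance and the app host names (drive.example.mycozy.cloud for nested, example-drive.mycozy.cloud for flat) are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/cookiejar"
	"net/url"
	"strings"
)

// cookieDomain is a hypothetical stand-in for CookieDomain, not the project's
// code: flat subdomains put the cookie one level above the instance domain,
// and hostOnly (as with ForceHostOnlyCookies) drops the Domain attribute.
func cookieDomain(instanceDomain string, flat, hostOnly bool) string {
	if hostOnly {
		return ""
	}
	if _, parent, ok := strings.Cut(instanceDomain, "."); flat && ok {
		return "." + parent
	}
	return "." + instanceDomain
}

// sent reports whether a client that received the cookie from origin
// would send it back on a request to host.
func sent(origin, domain, host string) bool {
	jar, _ := cookiejar.New(nil) // nil public suffix list: acceptable for a demo only
	jar.SetCookies(&url.URL{Scheme: "https", Host: origin}, []*http.Cookie{{
		Name: "demo-session", Value: "constructed", Path: "/",
		Domain: domain, Secure: true, HttpOnly: true,
	}})
	return len(jar.Cookies(&url.URL{Scheme: "https", Host: host})) > 0
}

func main() {
	inst := "example.mycozy.cloud" // constructed instance domain
	nested, flat := cookieDomain(inst, false, false), cookieDomain(inst, true, false)
	fmt.Println(nested, sent(inst, nested, "drive.example.mycozy.cloud")) // nested app host
	fmt.Println(nested, sent(inst, nested, "example-drive.mycozy.cloud")) // flat app host
	fmt.Println(flat, sent(inst, flat, "example-drive.mycozy.cloud"))
	fmt.Println(flat, sent(inst, flat, "other.mycozy.cloud")) // sibling host also matches
	// Test client talking to 127.0.0.1: only a host-only cookie is stored.
	fmt.Println(sent("127.0.0.1", nested, "127.0.0.1"), sent("127.0.0.1", "", "127.0.0.1"))
}
```

A cookie scoped to the parent domain matches every host under that parent, which is why the flat-subdomain case reaches the app host and the sibling host alike.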
func CookieName ¶
CookieName returns the name of the cookie used for the given instance.
func DeleteByOIDCSession ¶
DeleteByOIDCSession deletes all local Cozy sessions bound to a provider-scoped OIDC session identifier. The first iteration uses the OIDC context name as the provider key.
func DeleteBySID ¶
DeleteBySID is used for the OIDC back-channel logout. It deletes the sessions for the current device of the user.
func DeleteOthers ¶
DeleteOthers will remove all sessions except the one given in parameter.
Types ¶
type Duration ¶
type Duration int
Duration is a type for the cookie expiration.
const (
	// ShortRun is used for a session that will last only 5 minutes. It is
	// typically used for the OAuth dance.
	ShortRun Duration = iota
	// NormalRun is used for a session that will expire when the browser is
	// closed.
	NormalRun
	// LongRun is used to try to keep the session open as long as possible.
	LongRun
)
type ExternalClaims ¶
type ExternalClaims struct {
	jwt.RegisteredClaims
	Name string `json:"name"`
	Code string `json:"code"`
	Email string `json:"email,omitempty"`
	UUID string `json:"uuid,omitempty"`
}
ExternalClaims is the format for JWT for authentication from external sources
type LoginEntry ¶
type LoginEntry struct {
	DocID string `json:"_id,omitempty"`
	DocRev string `json:"_rev,omitempty"`
	SessionID string `json:"session_id"`
	IP string `json:"ip"`
	City string `json:"city,omitempty"`
	Subdivision string `json:"subdivision,omitempty"`
	Country string `json:"country,omitempty"`
	// XXX No omitempty on os and browser, because they are indexed in couchdb
	UA string `json:"user_agent"`
	OS string `json:"os"`
	Browser string `json:"browser"`
	ClientRegistration bool `json:"client_registration"`
	CreatedAt time.Time `json:"created_at"`
}
LoginEntry stores information associated with a new login. It is useful to provide the user with information about the history of all the logins that may have happened on their domain.
type Session ¶
type Session struct {
	DocID string `json:"_id,omitempty"`
	DocRev string `json:"_rev,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	LastSeen time.Time `json:"last_seen"`
	LongRun bool `json:"long_run"`
	ShortRun bool `json:"short_run"`
	SID string `json:"sid,omitempty"` // only present with OIDC
	// OIDCProviderKey namespaces the upstream sid. In the first iteration it is
	// simply the instance context name.
	OIDCProviderKey string `json:"oidc_provider_key,omitempty"`
	// contains filtered or unexported fields
}
A Session is an instance opened in a browser
func FromCookie ¶
FromCookie retrieves the session from the cookies of an echo.Context.
func (*Session) Delete ¶
Delete deletes the session in CouchDB and returns a cookie with a negative MaxAge to clear it.