Documentation
¶
Index ¶
- func RegenerateSession(sessionManager *scs.SessionManager, w http.ResponseWriter, r *http.Request) error
- func SecureSessionRotationMiddleware(sessionManager *scs.SessionManager, config SecureSessionConfig) func(next http.Handler) http.Handler
- type AuthSessionHandler
- type SecureSessionConfig
- type Session
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RegenerateSession ¶
func RegenerateSession(sessionManager *scs.SessionManager, w http.ResponseWriter, r *http.Request) error
RegenerateSession regenerates session ID to prevent fixation attacks
func SecureSessionRotationMiddleware ¶
func SecureSessionRotationMiddleware(sessionManager *scs.SessionManager, config SecureSessionConfig) func(next http.Handler) http.Handler
SecureSessionRotationMiddleware provides automatic session rotation
Types ¶
type AuthSessionHandler ¶
type AuthSessionHandler struct {
// contains filtered or unexported fields
}
AuthSessionHandler handles authentication-related session operations
func AuthenticationSessionHandler ¶
func AuthenticationSessionHandler(sessionManager *scs.SessionManager, config SecureSessionConfig) *AuthSessionHandler
AuthenticationSessionHandler handles secure session operations for authentication
func (*AuthSessionHandler) LoginUser ¶
func (ash *AuthSessionHandler) LoginUser(w http.ResponseWriter, r *http.Request, userID string) error
LoginUser securely establishes user session after authentication
func (*AuthSessionHandler) LogoutUser ¶
func (ash *AuthSessionHandler) LogoutUser(w http.ResponseWriter, r *http.Request) error
LogoutUser securely destroys user session
func (*AuthSessionHandler) ValidateSession ¶
func (ash *AuthSessionHandler) ValidateSession(r *http.Request) bool
ValidateSession validates session integrity and security
type SecureSessionConfig ¶
type SecureSessionConfig struct {
EnableRotation bool
RotateOnAuth bool
MaxLifetime time.Duration
IdleTimeout time.Duration
RegenerationTime time.Duration
HttpOnlyDefault bool
SecureDefault bool
SameSiteDefault http.SameSite
}
SecureSessionConfig holds secure session configuration
func DefaultSecureSessionConfig ¶
func DefaultSecureSessionConfig() SecureSessionConfig
DefaultSecureSessionConfig returns secure default configuration
type Session ¶
type Session struct {
CookieLifetime string
CookiePersist string
CookieName string
CookieDomain string
SessionType string
CookieSecure string
DBPool *sql.DB
RedisPool *redis.Pool
}
func (*Session) InitSecureSession ¶
func (g *Session) InitSecureSession(config SecureSessionConfig) *scs.SessionManager
InitSecureSession creates a session manager with enhanced security
func (*Session) InitSession ¶
func (g *Session) InitSession() *scs.SessionManager
Source Files
Click to show internal directories.
Click to hide internal directories.