Documentation
¶
Overview ¶
Package session provides HTTP state management library for aah framework. Default store is `Cookie` and framework provides `FileStore` and extensible `session.Storer` interface. Using store interface you can write any key-value Database, NoSQL Database, and RDBMS for storing encoded session data.
Features:
- Extensible session store interface
- Signed session data
- Encrypted session data
Non-cookie store session data is maintained via store interface. Only Session ID is transmitted over the wire in the Cookie. Please refer `session.FileStore` for sample, its very easy.
If you would like to store custom types in session then Register your custom types using `gob.Register(...)`.
Secure cookie code is inspired from Gorilla secure cookie library.
Know more: https://www.owasp.org/index.php/Session_Management_Cheat_Sheet
Index ¶
- Variables
- func AddStore(name string, store Storer) error
- func ReleaseSession(s *Session)
- type FileStore
- type Manager
- func (m *Manager) Decode(value string, dst interface{}) error
- func (m *Manager) DecodeToSession(encodedStr string) (*Session, error)
- func (m *Manager) DecodeToString(encodedStr string) (string, error)
- func (m *Manager) DeleteSession(w http.ResponseWriter, s *Session) error
- func (m *Manager) Encode(value interface{}) (string, error)
- func (m *Manager) GetSession(r *http.Request) *Session
- func (m *Manager) IsCookieStore() bool
- func (m *Manager) IsPath(p string) bool
- func (m *Manager) IsStateful() bool
- func (m *Manager) NewSession() *Session
- func (m *Manager) SaveSession(w http.ResponseWriter, s *Session) error
- type Session
- func (s *Session) Clear()
- func (s *Session) Del(key string)
- func (s *Session) Get(key string) interface{}
- func (s *Session) GetBool(key string) bool
- func (s *Session) GetFlash(key string) interface{}
- func (s *Session) GetFloat32(key string) float32
- func (s *Session) GetFloat64(key string) float64
- func (s *Session) GetInt(key string) int
- func (s *Session) GetInt64(key string) int64
- func (s *Session) GetString(key string) string
- func (s *Session) IsKeyExists(key string) bool
- func (s *Session) Reset()
- func (s *Session) Set(key string, value interface{})
- func (s *Session) SetFlash(key string, value interface{})
- func (s Session) String() string
- type Storer
Constants ¶
This section is empty.
Variables ¶
var ( // ErrSessionStoreIsNil returned when suppiled store is nil. ErrSessionStoreIsNil = errors.New("security/session: store value is nil") )
Functions ¶
func AddStore ¶
AddStore method allows you to add user created session store for aah framework application.
func ReleaseSession ¶
func ReleaseSession(s *Session)
ReleaseSession method puts session object back to pool.
Types ¶
type FileStore ¶
type FileStore struct {
// contains filtered or unexported fields
}
FileStore is the aah framework session store implementation.
func (*FileStore) IsExists ¶
IsExists method returns true if the session file exists otherwise false.
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager is a session manager to manage sessions.
func NewManager ¶
NewManager method initializes the session manager and store based on configuration from aah.conf section `session { ... }`.
func (*Manager) Decode ¶
Decode method decodes given value with name.
It performs:
- Decrypts the value (size check, decode base64, sign verify, timestamp verify, decrypt)
- Decode into result object using `Gob`
func (*Manager) DecodeToSession ¶
DecodeToSession method decodes the encoded string into session object.
func (*Manager) DecodeToString ¶
DecodeToString method decodes the encoded string into original string.
func (*Manager) DeleteSession ¶
func (m *Manager) DeleteSession(w http.ResponseWriter, s *Session) error
DeleteSession method deletes the session from store and sets deletion for browser cookie.
func (*Manager) Encode ¶
Encode method encodes given value with name.
It performs:
- Encodes the value using `Gob`
- Encodes value into Base64 (encrypt, sign, cookie size check)
func (*Manager) GetSession ¶
GetSession method returns the session for given request instance otherwise it returns nil.
func (*Manager) IsCookieStore ¶
IsCookieStore method returns true if session store is cookie otherwise false.
func (*Manager) IsPath ¶
IsPath method returns true if session cookie config 'path' is prefix of request path.
func (*Manager) IsStateful ¶
IsStateful methdo returns true if session mode is stateful otherwise false.
func (*Manager) NewSession ¶
NewSession method creates a new session for the request.
func (*Manager) SaveSession ¶
func (m *Manager) SaveSession(w http.ResponseWriter, s *Session) error
SaveSession method saves the given session into store. Add writes the cookie into response.
type Session ¶
type Session struct {
// ID method return session ID. It is dynamically generated while new session
// creation. ID length is 32.
//
//Note: Do not use this value for any/derving user relation, not recommended.
ID string
// Values is values that stored in session object.
Values map[string]interface{}
// IsNew indicates whether sesison is newly created or restore from the
// request which was already created.
IsNew bool
// IsAuthenticated is helpful to identify user session already authenicated or
// not. Don't forget to set it true after successful authentication.
IsAuthenticated bool
// CreatedTime is when the session was created.
CreatedTime *time.Time
// contains filtered or unexported fields
}
Session hold the information for particular HTTP request.
func (*Session) Clear ¶
func (s *Session) Clear()
Clear method marks the session for deletion. It triggers the deletion at the end of the request for cookie and session store data.
func (*Session) GetFlash ¶
GetFlash method returns the flash messages from the session object and deletes it from session.
func (*Session) GetFloat32 ¶
GetFloat32 method returns the `float32` value from session otherwise 0.
func (*Session) GetFloat64 ¶
GetFloat64 method returns the `float64` value from session otherwise 0.
func (*Session) GetString ¶
GetString method returns the `string` value from session otherwise empty string.
func (*Session) IsKeyExists ¶
IsKeyExists method returns true if given key is exists in session object otherwise false.
func (*Session) Reset ¶
func (s *Session) Reset()
Reset method resets the instance values for repurpose.
func (*Session) Set ¶
Set method set the value for the given key, if key already exists it updates the value.
Note: For any complex/custom structure you would like to store in session. Please register those types using `gob.Register(...)`.
Source Files