session

package

v0.0.0-...-d6ca7af Latest Latest Go to latest Published: May 9, 2020 License: MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package session uses a database backend to manage session cookies for a server. A seshandler can manage persistent and session only cookies simultaneously.

Once a database connection is established, one can create a seshandler with something like:

sh, err := seshandler.NewSesHandlerWithDB(db, time.Minute * 20, time.Day)

One can create a new (persistent) session with:

session, err := sh.CreateSession("username", true)

The session structs themselves should not be acted upon independently. Instead the sessions should be passed to the handler:

err = sh.DestroySession(session)

This will "destroy" the session struct itself and in the database. Once the struct is destroyed, it can be passed to the handler which will detected its destroyed-ness. For security reasons, a destroyed session cannot be un-destoyed.

A selectorID and a sessionID is generated for each session. The selectorID and a hash of the sessionID is stored in the database. The selectorID and sessionID are sent with the response. This is an idea taken from https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#title.2

This package is best used with an authentication handler.

Index ¶

func NewTxContext(ctx context.Context, tx *sql.Tx) context.Context
func TxFromContext(ctx context.Context) *sql.Tx
type Handler
- func NewHandlerWithDB(db *sql.DB, tableName, cookieName string, sessionTimeout time.Duration, ...) (*Handler, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewTxContext ¶

func NewTxContext(ctx context.Context, tx *sql.Tx) context.Context

NewTxContext adds a *sql.Tx to the context.

func TxFromContext ¶

func TxFromContext(ctx context.Context) *sql.Tx

TxFromContext looks for a transaction in the context. If there is no transaction found, then the return value will be nil.

Types ¶

type Handler ¶

type Handler struct {
	// contains filtered or unexported fields
}

Handler creates and maintains session in a database.

func NewHandlerWithDB ¶

func NewHandlerWithDB(db *sql.DB, tableName, cookieName string, sessionTimeout time.Duration, persistentSessionTimeout time.Duration, secret []byte) (*Handler, error)

NewHandlerWithDB creates a new session handler. The database connection should be a pointer to the database connection used in the rest of the app for concurrency purposes. If either timeout <= 0, then it is set to 0 (session only cookies).

func (*Handler) AttachCookie ¶

func (sh *Handler) AttachCookie(tx *sql.Tx, w http.ResponseWriter, ses *sessions.Session) error

AttachCookie sets a cookie on a ResponseWriter A session is returned because the session may have changed when it is updated

func (*Handler) CopySession ¶

func (sh *Handler) CopySession(tx *sql.Tx, ses *sessions.Session, persistent bool) *sessions.Session

CopySession returns a new session with the values of the parameter session (accept selector and session IDs)

func (*Handler) CreateSession ¶

func (sh *Handler) CreateSession(tx *sql.Tx, username string, persistent bool) *sessions.Session

CreateSession generates a new session for the given user ID.

func (*Handler) DestroySession ¶

func (sh *Handler) DestroySession(tx *sql.Tx, ses *sessions.Session)

DestroySession gets rid of a session, if it exists in the database. If destroy is successful, the session pointer is set to nil.

func (*Handler) GetTableName ¶

func (sh *Handler) GetTableName() string

GetTableName returns the table name for this handler.

func (*Handler) LogUserIn ¶

func (sh *Handler) LogUserIn(tx *sql.Tx, ses *sessions.Session, username string)

LogUserIn logs the user into the session and saves the information to the database

func (*Handler) LogUserOut ¶

func (sh *Handler) LogUserOut(tx *sql.Tx, ses *sessions.Session)

LogUserOut logs the user out of the session and saves the information in the database

func (*Handler) ParseSessionCookie ¶

func (sh *Handler) ParseSessionCookie(tx *sql.Tx, cookie *http.Cookie) (*sessions.Session, error)

ParseSessionCookie takes a cookie, determines if it is a valid session cookie, and returns the session, if it exists.

func (*Handler) ParseSessionFromRequest ¶

func (sh *Handler) ParseSessionFromRequest(r *http.Request) (*sessions.Session, error)

ParseSessionFromRequest takes a request, determines if there is a valid session cookie, and returns the session, if it exists.

func (*Handler) ReadFlashes ¶

func (sh *Handler) ReadFlashes(tx *sql.Tx, ses *sessions.Session) ([]interface{}, []interface{})

ReadFlashes allows reading of the flashes from the session and then updates the database. This is a shorthand for reading flashes from the session and then calling UpdateSession.

func (*Handler) UpdateSessionIfValid ¶

func (sh *Handler) UpdateSessionIfValid(tx *sql.Tx, ses *sessions.Session) error

UpdateSessionIfValid resets the expiration of the session from time.Now. Should also be used to verify that a session is valid. If the session is invalid, then a non-nil error will be returned.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
sessions Package sessions contains a Session type used to track session cookies in HTTP responses.	Package sessions contains a Session type used to track session cookies in HTTP responses.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL