invalidation

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 10, 2026 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package invalidation provides session tracking and invalidation for user sessions. It enables features like "logout all devices" and session management.

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrSessionNotFound  = errors.New("session not found")
	ErrSessionExpired   = errors.New("session expired")
	ErrSessionInvalid   = errors.New("session has been invalidated")
	ErrStorageFailure   = errors.New("session storage failure")
	ErrInvalidSessionID = errors.New("invalid session ID")
)

Common errors returned by the session invalidation service.

Functions

This section is empty.

Types

type Config 

type Config struct {
	// SessionTTL is the default session lifetime.
	// Default: 24 hours
	SessionTTL time.Duration

	// CleanupInterval is how often to clean up expired sessions.
	// Default: 1 hour
	CleanupInterval time.Duration

	// MaxSessionsPerUser limits sessions per user (0 = unlimited).
	// When exceeded, oldest sessions are removed.
	MaxSessionsPerUser int
}

Config configures the session invalidation service.

func DefaultConfig 

func DefaultConfig() Config

DefaultConfig returns sensible defaults.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager manages user sessions and provides invalidation capabilities.

func NewManager 

func NewManager(store SessionStore, opts ...ManagerOption) *Manager

NewManager creates a new session manager.

func (*Manager) Close 

func (m *Manager) Close() error

Close shuts down the manager and releases resources.

func (*Manager) CreateSession 

func (m *Manager) CreateSession(ctx context.Context, userID string, opts ...SessionOption) (*Session, error)

CreateSession creates a new session for a user.

func (*Manager) GetSession 

func (m *Manager) GetSession(ctx context.Context, sessionID string) (*Session, error)

GetSession retrieves a session without updating LastActiveAt.

func (*Manager) InvalidateAllSessions 

func (m *Manager) InvalidateAllSessions(ctx context.Context, userID string) (int, error)

InvalidateAllSessions invalidates all sessions for a user. Returns the number of sessions invalidated.

func (*Manager) InvalidateDeviceSessions 

func (m *Manager) InvalidateDeviceSessions(ctx context.Context, userID, deviceID string) (int, error)

InvalidateDeviceSessions invalidates sessions for a specific device. Returns the number of sessions invalidated.

func (*Manager) InvalidateOtherSessions 

func (m *Manager) InvalidateOtherSessions(ctx context.Context, userID, currentSessionID string) (int, error)

InvalidateOtherSessions invalidates all sessions except the current one. Returns the number of sessions invalidated.

func (*Manager) InvalidateSession 

func (m *Manager) InvalidateSession(ctx context.Context, sessionID string) error

InvalidateSession invalidates a specific session.

func (*Manager) ListSessions 

func (m *Manager) ListSessions(ctx context.Context, userID string) ([]*Session, error)

ListSessions lists all active sessions for a user.

func (*Manager) RefreshSession 

func (m *Manager) RefreshSession(ctx context.Context, sessionID string) error

RefreshSession extends the session expiration.

func (*Manager) ValidateSession 

func (m *Manager) ValidateSession(ctx context.Context, sessionID string) (*Session, error)

ValidateSession checks if a session is valid and updates LastActiveAt.

type ManagerOption 

type ManagerOption func(*Manager)

ManagerOption configures a Manager.

func WithConfig 

func WithConfig(cfg Config) ManagerOption

WithConfig sets the manager configuration.

func WithMaxSessionsPerUser 

func WithMaxSessionsPerUser(max int) ManagerOption

WithMaxSessionsPerUser limits sessions per user.

func WithSessionTTL 

func WithSessionTTL(ttl time.Duration) ManagerOption

WithSessionTTL sets the default session TTL.

type MemoryStore 

type MemoryStore struct {
	// contains filtered or unexported fields
}

MemoryStore is an in-memory implementation of SessionStore. Suitable for single-instance deployments and development/testing.

func NewMemoryStore 

func NewMemoryStore() *MemoryStore

NewMemoryStore creates a new in-memory session store.

func (*MemoryStore) Close 

func (m *MemoryStore) Close() error

Close implements SessionStore.

func (*MemoryStore) Count 

func (m *MemoryStore) Count() int

Count returns the number of active sessions (for testing).

func (*MemoryStore) Create 

func (m *MemoryStore) Create(ctx context.Context, session *Session) error

Create implements SessionStore.

func (*MemoryStore) Delete 

func (m *MemoryStore) Delete(ctx context.Context, sessionID string) error

Delete implements SessionStore.

func (*MemoryStore) DeleteByDevice 

func (m *MemoryStore) DeleteByDevice(ctx context.Context, userID, deviceID string) (int, error)

DeleteByDevice implements SessionStore.

func (*MemoryStore) DeleteByUser 

func (m *MemoryStore) DeleteByUser(ctx context.Context, userID string) (int, error)

DeleteByUser implements SessionStore.

func (*MemoryStore) DeleteExpired 

func (m *MemoryStore) DeleteExpired(ctx context.Context) (int, error)

DeleteExpired implements SessionStore.

func (*MemoryStore) Get 

func (m *MemoryStore) Get(ctx context.Context, sessionID string) (*Session, error)

Get implements SessionStore.

func (*MemoryStore) ListByUser 

func (m *MemoryStore) ListByUser(ctx context.Context, userID string) ([]*Session, error)

ListByUser implements SessionStore.

func (*MemoryStore) Update 

func (m *MemoryStore) Update(ctx context.Context, session *Session) error

Update implements SessionStore.

type RedisStore 

type RedisStore struct {
	// contains filtered or unexported fields
}

RedisStore is a Redis-backed implementation of SessionStore. Suitable for distributed deployments.

func NewRedisStore 

func NewRedisStore(client redis.UniversalClient, opts ...RedisStoreOption) *RedisStore

NewRedisStore creates a new Redis-backed session store.

func (*RedisStore) Close 

func (r *RedisStore) Close() error

Close implements SessionStore. Note: This does NOT close the Redis client since it may be shared.

func (*RedisStore) Create 

func (r *RedisStore) Create(ctx context.Context, session *Session) error

Create implements SessionStore.

func (*RedisStore) Delete 

func (r *RedisStore) Delete(ctx context.Context, sessionID string) error

Delete implements SessionStore.

func (*RedisStore) DeleteByDevice 

func (r *RedisStore) DeleteByDevice(ctx context.Context, userID, deviceID string) (int, error)

DeleteByDevice implements SessionStore.

func (*RedisStore) DeleteByUser 

func (r *RedisStore) DeleteByUser(ctx context.Context, userID string) (int, error)

DeleteByUser implements SessionStore.

func (*RedisStore) DeleteExpired 

func (r *RedisStore) DeleteExpired(ctx context.Context) (int, error)

DeleteExpired implements SessionStore.

func (*RedisStore) Get 

func (r *RedisStore) Get(ctx context.Context, sessionID string) (*Session, error)

Get implements SessionStore.

func (*RedisStore) ListByUser 

func (r *RedisStore) ListByUser(ctx context.Context, userID string) ([]*Session, error)

ListByUser implements SessionStore.

func (*RedisStore) Update 

func (r *RedisStore) Update(ctx context.Context, session *Session) error

Update implements SessionStore.

type RedisStoreOption 

type RedisStoreOption func(*RedisStore)

RedisStoreOption configures RedisStore.

func WithKeyPrefix 

func WithKeyPrefix(prefix string) RedisStoreOption

WithKeyPrefix sets a prefix for all session keys in Redis.

type Session 

type Session struct {
	// ID is the unique session identifier.
	ID string

	// UserID is the user who owns this session.
	UserID string

	// DeviceID is an optional device identifier.
	DeviceID string

	// DeviceInfo contains information about the device (user agent, etc.).
	DeviceInfo string

	// IPAddress is the IP address of the client.
	IPAddress string

	// CreatedAt is when the session was created.
	CreatedAt time.Time

	// LastActiveAt is when the session was last used.
	LastActiveAt time.Time

	// ExpiresAt is when the session expires.
	ExpiresAt time.Time

	// Metadata contains additional session data.
	Metadata map[string]string
}

Session represents an active user session.

func (*Session) IsExpired 

func (s *Session) IsExpired() bool

IsExpired returns true if the session has expired (current time is at or after ExpiresAt).

type SessionOption 

type SessionOption func(*Session)

SessionOption configures a session during creation.

func WithDeviceID 

func WithDeviceID(deviceID string) SessionOption

WithDeviceID sets the device ID.

func WithDeviceInfo 

func WithDeviceInfo(info string) SessionOption

WithDeviceInfo sets the device info.

func WithIPAddress 

func WithIPAddress(ip string) SessionOption

WithIPAddress sets the IP address.

func WithMetadata 

func WithMetadata(key, value string) SessionOption

WithMetadata sets session metadata.

func WithTTL 

func WithTTL(ttl time.Duration) SessionOption

WithTTL sets a custom TTL for this session.

type SessionStore 

type SessionStore interface {
	// Create creates a new session.
	Create(ctx context.Context, session *Session) error

	// Get retrieves a session by ID.
	Get(ctx context.Context, sessionID string) (*Session, error)

	// Update updates a session (e.g., LastActiveAt).
	Update(ctx context.Context, session *Session) error

	// Delete deletes a session.
	Delete(ctx context.Context, sessionID string) error

	// ListByUser lists all sessions for a user.
	ListByUser(ctx context.Context, userID string) ([]*Session, error)

	// DeleteByUser deletes all sessions for a user.
	DeleteByUser(ctx context.Context, userID string) (int, error)

	// DeleteByDevice deletes sessions for a specific device.
	DeleteByDevice(ctx context.Context, userID, deviceID string) (int, error)

	// DeleteExpired removes expired sessions.
	DeleteExpired(ctx context.Context) (int, error)

	// Close releases resources.
	Close() error
}

SessionStore defines the storage interface for session tracking.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.