2014-01-07 17:15:27 +00:00
|
|
|
package pgstore
|
|
|
|
|
|
|
|
import (
|
|
|
|
"database/sql"
|
|
|
|
"encoding/base32"
|
|
|
|
"github.com/coopernurse/gorp"
|
|
|
|
"github.com/gorilla/securecookie"
|
|
|
|
"github.com/gorilla/sessions"
|
|
|
|
_ "github.com/lib/pq"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
|
|
|
|
type PGStore struct {
|
|
|
|
Codecs []securecookie.Codec
|
|
|
|
Options *sessions.Options
|
|
|
|
path string
|
|
|
|
DbMap *gorp.DbMap
|
|
|
|
}
|
|
|
|
|
|
|
|
// Session type
|
|
|
|
type Session struct {
|
|
|
|
Id int64 `db: "id"`
|
|
|
|
Key string `db: "key"`
|
|
|
|
Data string `db: "data"`
|
|
|
|
CreatedOn time.Time `db: "created_on"`
|
|
|
|
ModifiedOn time.Time `db: "modified_on"`
|
|
|
|
ExpiresOn time.Time `db: "expires_on"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewPGStore(dbUrl string, keyPairs ...[]byte) *PGStore {
|
|
|
|
db, err := sql.Open("postgres", dbUrl)
|
|
|
|
dbmap := &gorp.DbMap{Db: db, Dialect: gorp.PostgresDialect{}}
|
|
|
|
|
|
|
|
dbStore := &PGStore{
|
|
|
|
Codecs: securecookie.CodecsFromPairs(keyPairs...),
|
|
|
|
Options: &sessions.Options{
|
|
|
|
Path: "/",
|
|
|
|
MaxAge: 86400 * 30,
|
|
|
|
},
|
|
|
|
DbMap: dbmap,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
// Ignore and return nil
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create table if it doesn't exist
|
|
|
|
dbmap.AddTableWithName(Session{}, "http_sessions").SetKeys(true, "Id")
|
|
|
|
err = dbmap.CreateTablesIfNotExists()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
// Ignore and return nil
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return dbStore
|
|
|
|
}
|
|
|
|
|
|
|
|
func (db *PGStore) Close() {
|
|
|
|
db.DbMap.Db.Close()
|
|
|
|
}
|
|
|
|
|
|
|
|
// Fetches a session for a given name after it has been added to the registry.
|
|
|
|
func (db *PGStore) Get(r *http.Request, name string) (*sessions.Session, error) {
|
|
|
|
return sessions.GetRegistry(r).Get(db, name)
|
|
|
|
}
|
|
|
|
|
|
|
|
// New returns a new session for the given name w/o adding it to the registry.
|
|
|
|
func (db *PGStore) New(r *http.Request, name string) (*sessions.Session, error) {
|
|
|
|
session := sessions.NewSession(db, name)
|
|
|
|
if session == nil {
|
|
|
|
return session, nil
|
|
|
|
}
|
|
|
|
session.Options = &(*db.Options)
|
|
|
|
session.IsNew = true
|
|
|
|
|
|
|
|
var err error
|
|
|
|
if c, errCookie := r.Cookie(name); errCookie == nil {
|
|
|
|
err = securecookie.DecodeMulti(name, c.Value, &session.ID, db.Codecs...)
|
|
|
|
if err == nil {
|
|
|
|
err = db.load(session)
|
|
|
|
if err == nil {
|
|
|
|
session.IsNew = false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return session, err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (db *PGStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
|
|
|
|
// Set delete if max-age is < 0
|
|
|
|
if session.Options.MaxAge < 0 {
|
|
|
|
if err := db.destroy(session); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options))
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if session.ID == "" {
|
|
|
|
// Generate a random session ID key suitable for storage in the DB
|
|
|
|
session.ID = string(securecookie.GenerateRandomKey(32))
|
|
|
|
session.ID = strings.TrimRight(
|
|
|
|
base32.StdEncoding.EncodeToString(
|
|
|
|
securecookie.GenerateRandomKey(32)), "=")
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := db.save(session); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Keep the session ID key in a cookie so it can be looked up in DB later.
|
|
|
|
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, db.Codecs...)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
//load fetches a session by ID from the database and decodes its content into session.Values
|
|
|
|
func (db *PGStore) load(session *sessions.Session) error {
|
|
|
|
var s Session
|
|
|
|
err := db.DbMap.SelectOne(&s, "SELECT * FROM http_sessions WHERE key = $1", session.ID)
|
|
|
|
|
|
|
|
if err := securecookie.DecodeMulti(session.Name(), string(s.Data),
|
|
|
|
&session.Values, db.Codecs...); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// save writes encoded session.Values to a database record.
|
|
|
|
// writes to http_sessions table by default.
|
|
|
|
func (db *PGStore) save(session *sessions.Session) error {
|
|
|
|
encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
|
|
|
|
db.Codecs...)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
var createdOn time.Time
|
|
|
|
var expiresOn time.Time
|
|
|
|
|
|
|
|
crOn := session.Values["created_on"]
|
|
|
|
exOn := session.Values["expires_on"]
|
|
|
|
|
|
|
|
if crOn == nil {
|
|
|
|
createdOn = time.Now()
|
|
|
|
} else {
|
|
|
|
createdOn = crOn.(time.Time)
|
|
|
|
}
|
|
|
|
|
|
|
|
if exOn == nil {
|
|
|
|
expiresOn = time.Now().Add(time.Second * time.Duration(session.Options.MaxAge))
|
|
|
|
} else {
|
|
|
|
expiresOn = exOn.(time.Time)
|
|
|
|
if expiresOn.Sub(time.Now().Add(time.Second*time.Duration(session.Options.MaxAge))) < 0 {
|
|
|
|
expiresOn = time.Now().Add(time.Second * time.Duration(session.Options.MaxAge))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
s := Session{
|
|
|
|
Key: session.ID,
|
|
|
|
Data: encoded,
|
|
|
|
CreatedOn: createdOn,
|
|
|
|
ExpiresOn: expiresOn,
|
|
|
|
ModifiedOn: time.Now(),
|
|
|
|
}
|
|
|
|
|
|
|
|
if session.IsNew {
|
|
|
|
err = db.DbMap.Insert(&s)
|
|
|
|
} else {
|
2014-05-19 14:50:30 +00:00
|
|
|
_, err = db.DbMap.Exec("update http_sessions set data=$1, modifiedon=$2, expireson=$3 where key=$4", s.Data, s.ModifiedOn, s.ExpiresOn, s.Key)
|
2014-01-07 17:15:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Delete session
|
|
|
|
func (db *PGStore) destroy(session *sessions.Session) error {
|
|
|
|
_, err := db.DbMap.Db.Exec("DELETE FROM http_sessions WHERE key = $1", session.ID)
|
|
|
|
return err
|
|
|
|
}
|