dispatch/pkg/session/session.go

package session

import (
	"crypto/rand"
	"encoding/base64"
	"net/http"
	"sync"
	"time"

	"github.com/khlieng/dispatch/pkg/cookie"
)

var (
	CookieName = "session"

	Expiration      = time.Hour * 24 * 7
	RefreshInterval = time.Hour
)

type Session struct {
	UserID uint64

	key       string
	createdAt int64
	lock      sync.Mutex
}

func New(id uint64) (*Session, error) {
	key, err := newSessionKey()
	if err != nil {
		return nil, err
	}

	return &Session{
		key:       key,
		createdAt: time.Now().Unix(),
		UserID:    id,
	}, nil
}

func (s *Session) Key() string {
	s.lock.Lock()
	key := s.key
	s.lock.Unlock()
	return key
}

func (s *Session) SetCookie(w http.ResponseWriter, r *http.Request) {
	s.lock.Lock()
	created := time.Unix(s.createdAt, 0)
	s.lock.Unlock()

	cookie.Set(w, r, &http.Cookie{
		Name:    CookieName,
		Value:   s.Key(),
		Expires: created.Add(Expiration),
	})
}

func (s *Session) Expired() bool {
	s.lock.Lock()
	created := time.Unix(s.createdAt, 0)
	s.lock.Unlock()
	return time.Since(created) > Expiration
}

func (s *Session) Refresh() (string, error) {
	s.lock.Lock()
	created := time.Unix(s.createdAt, 0)
	s.lock.Unlock()

	if time.Since(created) > RefreshInterval {
		key, err := newSessionKey()
		if err != nil {
			return "", err
		}

		s.lock.Lock()
		s.createdAt = time.Now().Unix()
		s.key = key
		s.lock.Unlock()
		return key, nil
	}

	return "", nil
}

func newSessionKey() (string, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return base64.RawURLEncoding.EncodeToString(key), err
}
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`package session`

			`import (`
			`"crypto/rand"`
			`"encoding/base64"`
			`"net/http"`
			`"sync"`
			`"time"`
Add __Host- prefix, set X-XSS-Protection to 0, require go1.11 2020-06-25 06:21:16 +00:00
			`"github.com/khlieng/dispatch/pkg/cookie"`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`)`

			`var (`
			`CookieName = "session"`

			`Expiration = time.Hour * 24 * 7`
			`RefreshInterval = time.Hour`
			`)`

			`type Session struct {`
			`UserID uint64`

Remove session expiration timer 2018-06-01 03:59:13 +00:00			`key string`
			`createdAt int64`
			`lock sync.Mutex`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}`

			`func New(id uint64) (*Session, error) {`
			`key, err := newSessionKey()`
			`if err != nil {`
			`return nil, err`
			`}`

			`return &Session{`
Remove session expiration timer 2018-06-01 03:59:13 +00:00			`key: key,`
			`createdAt: time.Now().Unix(),`
			`UserID: id,`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}, nil`
			`}`

			`func (s *Session) Key() string {`
			`s.lock.Lock()`
			`key := s.key`
			`s.lock.Unlock()`
			`return key`
			`}`

			`func (s Session) SetCookie(w http.ResponseWriter, r http.Request) {`
Remove session expiration timer 2018-06-01 03:59:13 +00:00			`s.lock.Lock()`
			`created := time.Unix(s.createdAt, 0)`
			`s.lock.Unlock()`

Add __Host- prefix, set X-XSS-Protection to 0, require go1.11 2020-06-25 06:21:16 +00:00			`cookie.Set(w, r, &http.Cookie{`
			`Name: CookieName,`
			`Value: s.Key(),`
			`Expires: created.Add(Expiration),`
			`})`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}`

			`func (s *Session) Expired() bool {`
			`s.lock.Lock()`
			`created := time.Unix(s.createdAt, 0)`
			`s.lock.Unlock()`
			`return time.Since(created) > Expiration`
			`}`

Dont refresh session keys on bootloader requests 2018-11-08 07:39:47 +00:00			`func (s *Session) Refresh() (string, error) {`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`s.lock.Lock()`
			`created := time.Unix(s.createdAt, 0)`
			`s.lock.Unlock()`

			`if time.Since(created) > RefreshInterval {`
			`key, err := newSessionKey()`
			`if err != nil {`
Dont refresh session keys on bootloader requests 2018-11-08 07:39:47 +00:00			`return "", err`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}`

			`s.lock.Lock()`
			`s.createdAt = time.Now().Unix()`
			`s.key = key`
			`s.lock.Unlock()`
Dont refresh session keys on bootloader requests 2018-11-08 07:39:47 +00:00			`return key, nil`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}`

Dont refresh session keys on bootloader requests 2018-11-08 07:39:47 +00:00			`return "", nil`
Persist, renew and delete sessions, refactor storage package, move reusable packages to pkg 2018-05-31 21:24:59 +00:00			`}`

			`func newSessionKey() (string, error) {`
			`key := make([]byte, 32)`
			`_, err := rand.Read(key)`
			`return base64.RawURLEncoding.EncodeToString(key), err`
			`}`