sessions

package

v0.4.3 Latest Latest Go to latest Published: Feb 22, 2025 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jmpsec/osctrl

Documentation ¶

Index ¶

Constants
func CheckCSRFToken(ctxToken, receivedToken string) bool
func GenerateCSRF() string
func LevelPermissions(user users.AdminUser, access users.EnvAccess) string
type ContextKey
type ContextValue
type SessionManager
- func CreateSessionManager(db *gorm.DB, name, sKey string) *SessionManager
type SessionValues
type UserSession

Constants ¶

View Source

const (
	AdminLevel string = "admin"
	UserLevel  string = "user"
	QueryLevel string = "query"
	CarveLevel string = "carve"
)

View Source

const (
	CtxUser    = "user"
	CtxEmail   = "email"
	CtxCSRF    = "csrftoken"
	CtxSession = "session"
)

Variables ¶

This section is empty.

Functions ¶

func CheckCSRFToken ¶

func CheckCSRFToken(ctxToken, receivedToken string) bool

Helper to check if the CSRF token is valid

func GenerateCSRF ¶

func GenerateCSRF() string

Function to generate a secure CSRF token

func LevelPermissions ¶

func LevelPermissions(user users.AdminUser, access users.EnvAccess) string

Helper to convert permissions for a user to a level for context

Types ¶

type ContextKey ¶

type ContextKey string

contextKey to help with the context key, to pass session data

type ContextValue ¶

type ContextValue map[string]string

contextValue to hold session data in the context

type SessionManager ¶

type SessionManager struct {
	Codecs     []securecookie.Codec
	Options    *sessions.Options
	CookieName string
	// contains filtered or unexported fields
}

SessionManager represent a session's store structure

func CreateSessionManager ¶

func CreateSessionManager(db *gorm.DB, name, sKey string) *SessionManager

CreateSessionManager creates a new session store in the DB and initialize the tables

func (*SessionManager) CheckAuth ¶

func (sm *SessionManager) CheckAuth(r *http.Request) (bool, UserSession)

CheckAuth to verify if a session exists/is valid

func (*SessionManager) Cleanup ¶

func (sm *SessionManager) Cleanup()

Cleanup deletes expired sessions

func (*SessionManager) Destroy ¶

func (sm *SessionManager) Destroy(r *http.Request) error

Destroy session expires it and it will be cleaned up

func (*SessionManager) Get ¶

func (sm *SessionManager) Get(cookie string) (UserSession, error)

Get returns a non-expired existing session for the given cookie

func (*SessionManager) GetByUsername ¶

func (sm *SessionManager) GetByUsername(username string) ([]UserSession, error)

GetByUsername returns all the existing sessions for the given username

func (*SessionManager) New ¶

func (sm *SessionManager) New(r *http.Request, username string) (UserSession, error)

New creates a session with name without adding it to the registry.

func (*SessionManager) Save ¶

func (sm *SessionManager) Save(r *http.Request, w http.ResponseWriter, user users.AdminUser) (UserSession, error)

Save session and set cookie header

type SessionValues ¶

type SessionValues map[interface{}]interface{}

sessionValues to keep session values

type UserSession ¶

type UserSession struct {
	gorm.Model
	Username  string
	IPAddress string
	UserAgent string
	ExpiresAt time.Time
	Cookie    string        `gorm:"index"`
	Values    SessionValues `gorm:"-"`
}

UserSession as abstraction of a session

Source Files ¶

View all Source files

sessions.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL