Skip to content
GitLab
Select Git revision
  • main default
  • gogintemplate-dockerized
Find file Blame History Permalink
session.go 4.17 KiB
1 
// package sessionmdl provides APIs to Add, Validate and Delete user sessions. These APIs must be used along with JWT Auth.
2 
// If you want to use this functionality, a jwt token must contain `userId` and `sessionId` fields.
3 
// A user can have multiple active sessions for different use cases. To check if user has an active session for particular usecase use `CheckForSessionAvailability()`.
4 
// And to check user session on each request use `ValidateSessionFromToken()`.
5 
//
6 
// An in memory cache is used to store sessions. It automatically falls back to redis cache if -gridmode=1 is set.
7 
//
8 
// The expiraion of session must be same as of token expiration.
9
10 
package sessionmdl
11
12 
import (
13 
	"errors"
14
15 
	"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/cachemdl"
16 
)
17
18 
type Session struct {
19 
	SessionFor string
20 
	SessionId  string
21 
}
22
23 
// store is used to store sessions in memory, falls back to redis cache on grid mode.
24 
var store cachemdl.Cacher
25
26 
var (
27 
	ErrUserNotFound            = errors.New("user not found")
28 
	ErrSessionNotFound         = errors.New("session not found")
29 
	ErrInvalidSessionInstance  = errors.New("got invalid session instance id")
30 
	ErrSessionValidationFailed = errors.New("session validation failed")
31 
)
32
33 
// Init initializes sessions with provided cache. Subsequent calls will not have any effect after first initialization.
34 
func Init(cache cachemdl.Cacher) {
35 
	if store != nil {
36 
		return
37 
	}
38
39 
	store = cache
40 
}
41
42 
// Set stores the sessions for provided userId. Session is appended to the list. It does not check if the same session exists or not.
43 
func Set(userId string, s ...Session) {
44 
	i, ok := store.Get(userId)
45 
	if !ok || i == nil {
46 
		set(userId, s)
47 
		return
48 
	}
49
50 
	sessions, ok := i.([]Session)
51 
	if !ok {
52 
		set(userId, s)
53 
		return
54 
	}
55
56 
	set(userId, append(sessions, s...))
57 
}
58
59 
func set(key string, val interface{}) {
60 
	// Set the user sessions with no expiry as each session can have different expiry depending on the JWT token expiry.
61 
	store.SetNoExpiration(key, val)
62 
}
63
64 
// Get returns all the available sessions for the user. This may contain expired but not deleted sessions.
65 
func Get(userId string) ([]Session, error) {
66 
	var (
67 
		s  []Session
68 
		i  interface{}
69 
		ok bool
70 
	)
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
i, ok = store.Get(userId) if !ok { return s, ErrUserNotFound } s, _ = i.([]Session) // if !ok { // return s, errors.New("failed to retrieve previous sessions") // } return s, nil } // Delete removes all the sessions associated with the user. func Delete(userId string) { store.Delete(userId) } // DeleteSession removes a particular session for user, if present. func DeleteSession(userId, sessionFor string) { sessions, err := Get(userId) if err != nil { return } for i := 0; i < len(sessions); i++ { if sessions[i].SessionFor == sessionFor { sessions[i] = sessions[len(sessions)-1] sessions = sessions[:len(sessions)-1] } } if len(sessions) == 0 { store.Delete(userId) return } set(userId, sessions) } // ValidateSessionFromToken checks for session id in claims against available sessions. // Validate only if a nonempty `sessionId` is present. The claims must contain `userId` field if session is present. func ValidateSessionFromToken(claims map[string]interface{}) error { // check for sessionId field, if not present then it is ignored at the time of token generation. // This means user doesn't want to validate session. i, ok := claims["sessionId"] if !ok || i == nil { return nil } sessionId, _ := i.(string) if len(sessionId) == 0 { return errors.New("\"sessionId\" field is empty") } i, ok = claims["userId"] if !ok { return errors.New("\"userId\" field not found in token") } userId, _ := i.(string) if len(userId) == 0 { return errors.New("\"userId\" field is empty") } sessions, err := Get(userId) if err != nil {
141142143144145146147148149150151152153154155156157158159160161162163164165166
return err } for i := range sessions { if sessions[i].SessionId == sessionId { return nil } } return ErrSessionNotFound } // CheckForSessionAvailability checks if the user has active session for provided `sessionFor`. Returns true if session is available. func CheckForSessionAvailability(userId, sessionFor string) bool { sessions, _ := Get(userId) for i := range sessions { if sessions[i].SessionFor == sessionFor { return true } } return false }