Beispiel #1
0
func expiresFromDuration(d time.Duration) (expires time.Time, maxAge int) {
	switch d {
	case -1:
		// persistent
		expires = util.Now().UTC().AddDate(20, 0, 0)
	case 0:
		expires = time.Time{}
	default:
		expires = util.Now().UTC().Add(d)
		maxAge = int(d.Seconds())
	}
	return expires, maxAge
}
Beispiel #2
0
func (m *SessionMiddleware) Before(c *Controller) {
	defer func() {
		if err := recover(); err != nil {
			switch err.(type) {
			case ErrSession:
				Log.Error("%v", err)
			case ErrSessionExpected:
				Log.Info("%v", err)
			default:
				panic(err)
			}
			c.Session = make(Session)
		}
	}()
	cookie, err := c.Request.Cookie(appConfig.Session.Name)
	if err != nil {
		panic(NewErrSessionExpected("new session"))
	}
	sess := appConfig.Session.Store.Load(cookie.Value)
	expiresStr, ok := sess[SessionExpiresKey]
	if !ok {
		panic(NewErrSession("expires value not found"))
	}
	expires, err := strconv.ParseInt(expiresStr, 10, 64)
	if err != nil {
		panic(NewErrSession(err.Error()))
	}
	if expires < util.Now().Unix() {
		panic(NewErrSessionExpected("session has been expired"))
	}
	c.Session = sess
}
Beispiel #3
0
func (l *entryLogger) Output(level Level, message string) {
	l.logger.mu.Lock()
	defer l.logger.mu.Unlock()
	l.entry.Level = level
	l.entry.Time = util.Now()
	l.entry.Message = message
	l.logger.buf.Reset()
	format := Formatter.Format
	if int(level) < len(l.logger.formatFuncs) {
		format = l.logger.formatFuncs[level]
	}
	if err := format(l.logger.formatter, &l.logger.buf, l.entry); err != nil {
		fmt.Fprintf(os.Stderr, "kocha: log: %v\n", err)
	}
	l.logger.buf.WriteByte('\n')
	if _, err := io.Copy(l.logger.out, &l.logger.buf); err != nil {
		fmt.Fprintf(os.Stderr, "kocha: log: failed to write log: %v\n", err)
	}
}
Beispiel #4
0
func (m *SessionMiddleware) before(app *Application, c *Context) (err error) {
	defer func() {
		switch err.(type) {
		case nil:
			// do nothing.
		case ErrSession:
			app.Logger.Info(err)
		default:
			app.Logger.Error(err)
		}
		if c.Session == nil {
			c.Session = make(Session)
		}
		err = nil
	}()
	cookie, err := c.Request.Cookie(m.Name)
	if err != nil {
		return NewErrSession("new session")
	}
	sess, err := m.Store.Load(cookie.Value)
	if err != nil {
		return err
	}
	expiresStr, ok := sess[m.ExpiresKey]
	if !ok {
		return fmt.Errorf("expires value not found")
	}
	expires, err := strconv.ParseInt(expiresStr, 10, 64)
	if err != nil {
		return err
	}
	if expires < util.Now().Unix() {
		return NewErrSession("session has been expired")
	}
	c.Session = sess
	return nil
}
Beispiel #5
0
func TestSessionMiddleware_After(t *testing.T) {
	app := kocha.NewTestApp()
	origNow := util.Now
	util.Now = func() time.Time { return time.Unix(1383820443, 0) }
	defer func() {
		util.Now = origNow
	}()
	r, err := http.NewRequest("GET", "/", nil)
	if err != nil {
		t.Fatal(err)
	}
	w := httptest.NewRecorder()
	req, res := &kocha.Request{Request: r}, &kocha.Response{ResponseWriter: w}
	c := &kocha.Context{Request: req, Response: res}
	c.Session = make(kocha.Session)
	m := &kocha.SessionMiddleware{Store: &NullSessionStore{}}
	m.SessionExpires = time.Duration(1) * time.Second
	m.CookieExpires = time.Duration(2) * time.Second
	if err := m.Process(app, c, func() error {
		return nil
	}); err != nil {
		t.Error(err)
	}
	var (
		actual   interface{} = c.Session
		expected interface{} = kocha.Session{
			m.ExpiresKey: "1383820444", // + time.Duration(1) * time.Second
		}
	)
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}

	c.Session[m.ExpiresKey] = "1383820444"
	value, err := m.Store.Save(c.Session)
	if err != nil {
		t.Fatal(err)
	}
	c1 := res.Cookies()[0]
	c2 := &http.Cookie{
		Name:     m.Name,
		Value:    value,
		Path:     "/",
		Expires:  util.Now().UTC().Add(m.CookieExpires),
		MaxAge:   2,
		Secure:   false,
		HttpOnly: m.HttpOnly,
	}
	actual = c1.Name
	expected = c2.Name
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual, err = m.Store.Load(c1.Value)
	if err != nil {
		t.Error(err)
	}
	expected, err = m.Store.Load(c2.Value)
	if err != nil {
		t.Error(err)
	}
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Path
	expected = c2.Path
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Expires
	expected = c2.Expires
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.MaxAge
	expected = c2.MaxAge
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Secure
	expected = c2.Secure
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.HttpOnly
	expected = c2.HttpOnly
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
}
Beispiel #6
0
func TestSessionMiddlewareAfter(t *testing.T) {
	oldAppConfig := appConfig
	appConfig = newTestAppConfig()
	origNow := util.Now
	util.Now = func() time.Time { return time.Unix(1383820443, 0) }
	defer func() {
		util.Now = origNow
		appConfig = oldAppConfig
	}()
	r, err := http.NewRequest("GET", "/", nil)
	if err != nil {
		t.Fatal(err)
	}
	w := httptest.NewRecorder()
	req, res := newRequest(r), newResponse(w)
	c := &Controller{Request: req, Response: res}
	c.Session = make(Session)
	appConfig.Session.SessionExpires = time.Duration(1) * time.Second
	appConfig.Session.CookieExpires = time.Duration(2) * time.Second
	m := &SessionMiddleware{}
	m.After(c)
	var (
		actual   interface{} = c.Session
		expected interface{} = Session{
			SessionExpiresKey: "1383820444", // + time.Duration(1) * time.Second
		}
	)
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}

	c.Session[SessionExpiresKey] = "1383820444"
	c1 := res.Cookies()[0]
	c2 := &http.Cookie{
		Name:     appConfig.Session.Name,
		Value:    appConfig.Session.Store.Save(c.Session),
		Path:     "/",
		Expires:  util.Now().UTC().Add(appConfig.Session.CookieExpires),
		MaxAge:   2,
		Secure:   false,
		HttpOnly: appConfig.Session.HttpOnly,
	}
	actual = c1.Name
	expected = c2.Name
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = appConfig.Session.Store.Load(c1.Value)
	expected = appConfig.Session.Store.Load(c2.Value)
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Path
	expected = c2.Path
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Expires
	expected = c2.Expires
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.MaxAge
	expected = c2.MaxAge
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.Secure
	expected = c2.Secure
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
	actual = c1.HttpOnly
	expected = c2.HttpOnly
	if !reflect.DeepEqual(actual, expected) {
		t.Errorf("Expect %v, but %v", expected, actual)
	}
}