func (db *PGStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { // Set delete if max-age is < 0 if session.Options.MaxAge < 0 { if err := db.destroy(session); err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options)) return nil } if session.ID == "" { // Generate a random session ID key suitable for storage in the DB session.ID = string(securecookie.GenerateRandomKey(32)) session.ID = strings.TrimRight( base32.StdEncoding.EncodeToString( securecookie.GenerateRandomKey(32)), "=") } if err := db.save(session); err != nil { return err } // Keep the session ID key in a cookie so it can be looked up in DB later. encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, db.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
func createSession(w http.ResponseWriter, r *http.Request, session *sessions.Session) *ServerSession { // Each session needs a unique ID in order to be saved. if session.ID == "" { session.ID = tokens.NewSessionID() } ss := &ServerSession{ CSRFToken: tokens.NewCSRFToken(session.ID), } // Attempt to store the session. Remove the session if it's not stored // correctly. if err := ss.StoreSession(session.ID); err != nil { RemoveSession(session.ID) glog.Fatalln(err) } // Similarly, save it in our FS storage and set the user's cookie. if err := session.Save(r, w); err != nil { RemoveSession(session.ID) glog.Fatalln(err) } return ss }
func (d *dalStore) Save(r *http.Request, w http.ResponseWriter, session *gSessions.Session) error { if session.Options.MaxAge < 0 { if err := d.delete(session); err != nil { return err } d.Token.SetToken(w, session.Name(), "", session.Options) return nil } if session.ID == "" { session.ID = dal.NewObjectID().Hex() } if err := d.save(session); err != nil { return err } //save just the id to the cookie, the rest will be saved in the dal store encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, d.Codecs...) if err != nil { return err } d.Token.SetToken(w, session.Name(), encoded, session.Options) return err }
func (m *mongoStore) Save(r *http.Request, w http.ResponseWriter, session *gSessions.Session) error { if session.Options.MaxAge < 0 { if err := m.delete(session); err != nil { return err } m.Token.SetToken(w, session.Name(), "", session.Options) return nil } if session.ID == "" { session.ID = bson.NewObjectId().Hex() } if err := m.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, m.Codecs...) if err != nil { return err } m.Token.SetToken(w, session.Name(), encoded, session.Options) return nil }
// Save adds a single session to the response. func (s *SentinelFailoverStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.Options.MaxAge < 0 { if err := s.delete(session); err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options)) return nil } if session.ID == "" { // Because the ID is not initialized when newly created, encode it to // use alphanumeric characters only. session.ID = strings.TrimRight( base32.StdEncoding.EncodeToString( securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
func (s *RedisStore) save(session *sessions.Session) error { encoded, err := securecookie.EncodeMulti(session.Name(), session.Values, s.Codecs...) if err != nil { return err } c := s.storeHandler.GetRedisConnection() defer c.Close() if session.ID == "" { // Because the ID is used in the filename, encode it to // use alphanumeric characters only. session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=") } c.Send("SET", "morioka_sess_"+session.ID, encoded) if err = c.Flush(); err != nil { return err } if _, err = c.Receive(); err != nil { return err } c.Send("EXPIRE", "morioka_sess_"+session.ID, 86400) if err = c.Flush(); err != nil { return err } if _, err = c.Receive(); err != nil { return err } return nil }
func (s *RethinkDBStore) save(session *sessions.Session) error { values := map[string]interface{}{} for k, v := range session.Values { kstr, ok := k.(string) if !ok { return errors.New("cannot serialize non-string value key") } values[kstr] = v } json := map[string]interface{}{ "name": session.Name(), "values": values, } var write gorethink.WriteResponse var err error if session.ID != "" { write, err = s.term.Get(session.ID).Update(json).RunWrite(s.rethinkdbSession) if err == nil && write.Updated == 0 { json["id"] = session.ID } } if write.Updated == 0 { write, err = s.term.Insert(json).RunWrite(s.rethinkdbSession) if err == nil && len(write.GeneratedKeys) > 0 { session.ID = write.GeneratedKeys[0] } } return err }
// Save saves a session to the store. If the session has no ID, Save assigns // a random one. This implementation of Save never returns a non-nil error // if client is storing sessions data in a *RamSessions instance. func (s *RAMStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.ID == "" { session.ID = strings.TrimRight( base32.StdEncoding.EncodeToString( securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), session.ID, session.Options)) return nil }
func (s *RedisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.ID == "" { // Because the ID is used in the filename, encode it to // use alphanumeric characters only. session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
// Save adds a single session to the response. func (s *MemoryStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { Log.Info("MemoryStore Save()", session.ID) if session.ID == "" { session.ID = strings.TrimRight( base32.StdEncoding.EncodeToString( securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
// Save adds a single session to the response. func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.Options.MaxAge < 0 { s.delete(session) http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options)) } else { // Build an alphanumeric ID. if session.ID == "" { session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) } return nil }
// Save adds a single session to the response. func (s *MemcacheStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { if session.ID == "" { session.ID = s.prefix + strings.TrimRight( base32.StdEncoding.EncodeToString( securecookie.GenerateRandomKey(32)), "=") } c := appengine.NewContext(r) if err := saveToMemcache(c, s.nonPersistentSessionDuration, session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }
func (m *SqliteStore) insert(session *sessions.Session) error { var createdOn time.Time var modifiedOn time.Time var expiresOn time.Time crOn := session.Values["created_on"] if crOn == nil { createdOn = time.Now() } else { createdOn = crOn.(time.Time) } modifiedOn = createdOn exOn := session.Values["expires_on"] if exOn == nil { expiresOn = time.Now().Add(time.Second * time.Duration(session.Options.MaxAge)) } else { expiresOn = exOn.(time.Time) } delete(session.Values, "created_on") delete(session.Values, "expires_on") delete(session.Values, "modified_on") encoded, encErr := securecookie.EncodeMulti(session.Name(), session.Values, m.Codecs...) if encErr != nil { return encErr } res, insErr := m.stmtInsert.Exec(encoded, createdOn, modifiedOn, expiresOn) if insErr != nil { return insErr } lastInserted, lInsErr := res.LastInsertId() if lInsErr != nil { return lInsErr } session.ID = fmt.Sprintf("%d", lastInserted) return nil }
// Save adds a single session to the response. func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error { // Marked for deletion if session.Options.MaxAge < 0 { s.delete(session) // Even we fail to delete, we should clear the cookie http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options)) return nil } // Build an alphanumeric session id // FYI: Session ID is protected by MAC by securecookie so it can't be forged. if session.ID == "" { session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=") } if err := s.save(session); err != nil { return err } encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...) if err != nil { return err } http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options)) return nil }