func (db *PGStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
// Set delete if max-age is < 0
if session.Options.MaxAge < 0 {
if err := db.destroy(session); err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options))
return nil
}
if session.ID == "" {
// Generate a random session ID key suitable for storage in the DB
session.ID = string(securecookie.GenerateRandomKey(32))
session.ID = strings.TrimRight(
base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32)), "=")
}
if err := db.save(session); err != nil {
return err
}
// Keep the session ID key in a cookie so it can be looked up in DB later.
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, db.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
return nil
}
func createSession(w http.ResponseWriter, r *http.Request, session *sessions.Session) *ServerSession {
// Each session needs a unique ID in order to be saved.
if session.ID == "" {
session.ID = tokens.NewSessionID()
}
ss := &ServerSession{
CSRFToken: tokens.NewCSRFToken(session.ID),
}
// Attempt to store the session. Remove the session if it's not stored
// correctly.
if err := ss.StoreSession(session.ID); err != nil {
RemoveSession(session.ID)
glog.Fatalln(err)
}
// Similarly, save it in our FS storage and set the user's cookie.
if err := session.Save(r, w); err != nil {
RemoveSession(session.ID)
glog.Fatalln(err)
}
return ss
}
func (d *dalStore) Save(r *http.Request, w http.ResponseWriter, session *gSessions.Session) error {
if session.Options.MaxAge < 0 {
if err := d.delete(session); err != nil {
return err
}
d.Token.SetToken(w, session.Name(), "", session.Options)
return nil
}
if session.ID == "" {
session.ID = dal.NewObjectID().Hex()
}
if err := d.save(session); err != nil {
return err
}
//save just the id to the cookie, the rest will be saved in the dal store
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, d.Codecs...)
if err != nil {
return err
}
d.Token.SetToken(w, session.Name(), encoded, session.Options)
return err
}
func (m *mongoStore) Save(r *http.Request, w http.ResponseWriter, session *gSessions.Session) error {
if session.Options.MaxAge < 0 {
if err := m.delete(session); err != nil {
return err
}
m.Token.SetToken(w, session.Name(), "", session.Options)
return nil
}
if session.ID == "" {
session.ID = bson.NewObjectId().Hex()
}
if err := m.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
m.Codecs...)
if err != nil {
return err
}
m.Token.SetToken(w, session.Name(), encoded, session.Options)
return nil
}
// Save adds a single session to the response.
func (s *SentinelFailoverStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
if session.Options.MaxAge < 0 {
if err := s.delete(session); err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options))
return nil
}
if session.ID == "" {
// Because the ID is not initialized when newly created, encode it to
// use alphanumeric characters only.
session.ID = strings.TrimRight(
base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
return nil
}
func (s *RedisStore) save(session *sessions.Session) error {
encoded, err := securecookie.EncodeMulti(session.Name(), session.Values, s.Codecs...)
if err != nil {
return err
}
c := s.storeHandler.GetRedisConnection()
defer c.Close()
if session.ID == "" {
// Because the ID is used in the filename, encode it to
// use alphanumeric characters only.
session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=")
}
c.Send("SET", "morioka_sess_"+session.ID, encoded)
if err = c.Flush(); err != nil {
return err
}
if _, err = c.Receive(); err != nil {
return err
}
c.Send("EXPIRE", "morioka_sess_"+session.ID, 86400)
if err = c.Flush(); err != nil {
return err
}
if _, err = c.Receive(); err != nil {
return err
}
return nil
}
func (s *RethinkDBStore) save(session *sessions.Session) error {
values := map[string]interface{}{}
for k, v := range session.Values {
kstr, ok := k.(string)
if !ok {
return errors.New("cannot serialize non-string value key")
}
values[kstr] = v
}
json := map[string]interface{}{
"name": session.Name(),
"values": values,
}
var write gorethink.WriteResponse
var err error
if session.ID != "" {
write, err = s.term.Get(session.ID).Update(json).RunWrite(s.rethinkdbSession)
if err == nil && write.Updated == 0 {
json["id"] = session.ID
}
}
if write.Updated == 0 {
write, err = s.term.Insert(json).RunWrite(s.rethinkdbSession)
if err == nil && len(write.GeneratedKeys) > 0 {
session.ID = write.GeneratedKeys[0]
}
}
return err
}
// Save saves a session to the store. If the session has no ID, Save assigns
// a random one. This implementation of Save never returns a non-nil error
// if client is storing sessions data in a *RamSessions instance.
func (s *RAMStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
if session.ID == "" {
session.ID = strings.TrimRight(
base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), session.ID, session.Options))
return nil
}
func (s *RedisStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
if session.ID == "" {
// Because the ID is used in the filename, encode it to
// use alphanumeric characters only.
session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
return nil
}
// Save adds a single session to the response.
func (s *MemoryStore) Save(r *http.Request, w http.ResponseWriter,
session *sessions.Session) error {
Log.Info("MemoryStore Save()", session.ID)
if session.ID == "" {
session.ID = strings.TrimRight(
base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
return nil
}
// Save adds a single session to the response.
func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
if session.Options.MaxAge < 0 {
s.delete(session)
http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options))
} else {
// Build an alphanumeric ID.
if session.ID == "" {
session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
}
return nil
}
// Save adds a single session to the response.
func (s *MemcacheStore) Save(r *http.Request, w http.ResponseWriter,
session *sessions.Session) error {
if session.ID == "" {
session.ID = s.prefix +
strings.TrimRight(
base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32)), "=")
}
c := appengine.NewContext(r)
if err := saveToMemcache(c, s.nonPersistentSessionDuration, session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID,
s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded,
session.Options))
return nil
}
func (m *SqliteStore) insert(session *sessions.Session) error {
var createdOn time.Time
var modifiedOn time.Time
var expiresOn time.Time
crOn := session.Values["created_on"]
if crOn == nil {
createdOn = time.Now()
} else {
createdOn = crOn.(time.Time)
}
modifiedOn = createdOn
exOn := session.Values["expires_on"]
if exOn == nil {
expiresOn = time.Now().Add(time.Second * time.Duration(session.Options.MaxAge))
} else {
expiresOn = exOn.(time.Time)
}
delete(session.Values, "created_on")
delete(session.Values, "expires_on")
delete(session.Values, "modified_on")
encoded, encErr := securecookie.EncodeMulti(session.Name(), session.Values, m.Codecs...)
if encErr != nil {
return encErr
}
res, insErr := m.stmtInsert.Exec(encoded, createdOn, modifiedOn, expiresOn)
if insErr != nil {
return insErr
}
lastInserted, lInsErr := res.LastInsertId()
if lInsErr != nil {
return lInsErr
}
session.ID = fmt.Sprintf("%d", lastInserted)
return nil
}
// Save adds a single session to the response.
func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
// Marked for deletion
if session.Options.MaxAge < 0 {
s.delete(session)
// Even we fail to delete, we should clear the cookie
http.SetCookie(w, sessions.NewCookie(session.Name(), "", session.Options))
return nil
}
// Build an alphanumeric session id
// FYI: Session ID is protected by MAC by securecookie so it can't be forged.
if session.ID == "" {
session.ID = strings.TrimRight(base32.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(32)), "=")
}
if err := s.save(session); err != nil {
return err
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, sessions.NewCookie(session.Name(), encoded, session.Options))
return nil
}
