/
store.go
126 lines (109 loc) · 2.62 KB
/
store.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package auth
import (
"context"
"encoding/hex"
"errors"
"sync"
"time"
"github.com/cozy/cozy-stack/pkg/config/config"
"github.com/cozy/cozy-stack/pkg/crypto"
"github.com/cozy/cozy-stack/pkg/prefixer"
"github.com/redis/go-redis/v9"
)
// Store is essentially an object to store and retrieve confirmation codes
type Store interface {
AddCode(db prefixer.Prefixer) (string, error)
GetCode(db prefixer.Prefixer, code string) (bool, error)
}
// storeTTL is the time an entry stay alive
var storeTTL = 5 * time.Minute
// storeCleanInterval is the time interval between each cleanup.
var storeCleanInterval = 1 * time.Hour
var mu sync.Mutex
var globalStore Store
// GetStore returns the store for temporary move objects.
func GetStore() Store {
mu.Lock()
defer mu.Unlock()
if globalStore != nil {
return globalStore
}
cli := config.GetConfig().SessionStorage
if cli == nil {
globalStore = newMemStore()
} else {
ctx := context.Background()
globalStore = &redisStore{cli, ctx}
}
return globalStore
}
type memStore struct {
mu sync.Mutex
vals map[string]time.Time
}
func newMemStore() Store {
store := &memStore{vals: make(map[string]time.Time)}
go store.cleaner()
return store
}
func (s *memStore) cleaner() {
for range time.Tick(storeCleanInterval) {
now := time.Now()
for k, v := range s.vals {
if now.After(v) {
delete(s.vals, k)
}
}
}
}
func (s *memStore) AddCode(db prefixer.Prefixer) (string, error) {
code := makeSecret()
s.mu.Lock()
defer s.mu.Unlock()
key := confirmKey(db, code)
s.vals[key] = time.Now().Add(storeTTL)
return code, nil
}
func (s *memStore) GetCode(db prefixer.Prefixer, code string) (bool, error) {
s.mu.Lock()
defer s.mu.Unlock()
key := confirmKey(db, code)
exp, ok := s.vals[key]
if !ok {
return false, nil
}
if time.Now().After(exp) {
delete(s.vals, key)
return false, nil
}
return true, nil
}
type redisStore struct {
c redis.UniversalClient
ctx context.Context
}
func (s *redisStore) AddCode(db prefixer.Prefixer) (string, error) {
code := makeSecret()
key := confirmKey(db, code)
if err := s.c.Set(s.ctx, key, "1", storeTTL).Err(); err != nil {
return "", err
}
return code, nil
}
func (s *redisStore) GetCode(db prefixer.Prefixer, code string) (bool, error) {
key := confirmKey(db, code)
n, err := s.c.Exists(s.ctx, key).Result()
if errors.Is(err, redis.Nil) || n == 0 {
return false, nil
}
if err != nil {
return false, err
}
return true, nil
}
func confirmKey(db prefixer.Prefixer, suffix string) string {
return db.DBPrefix() + ":confirm_auth:" + suffix
}
func makeSecret() string {
return hex.EncodeToString(crypto.GenerateRandomBytes(8))
}