-
Notifications
You must be signed in to change notification settings - Fork 0
/
session.go
125 lines (108 loc) · 2.98 KB
/
session.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
package beepboop
import (
"context"
"net/http"
"time"
"github.com/razzie/reqip"
)
// Session ...
type Session struct {
ctx context.Context
sessionID string
requestID string
ip string
allAccess AccessMap
newAccess AccessMap
db *DB
}
func newSession(r *PageRequest) *Session {
sess := &Session{
ctx: r.Request.Context(),
requestID: r.RequestID,
ip: reqip.GetClientIP(r.Request),
allAccess: make(AccessMap),
newAccess: make(AccessMap),
db: r.Context.DB,
}
for _, c := range r.Request.Cookies() {
if c.Name == "session" {
sess.sessionID = c.Value
continue
}
sess.allAccess.fromCookie(c)
}
db := r.Context.DB
if db != nil && len(sess.sessionID) > 0 {
dbAccess, err := db.getAccessMap(sess.sessionID, sess.ip)
if err == nil {
sess.allAccess.Merge(dbAccess)
} else {
r.Log(err)
}
}
return sess
}
// Context returns the context of the session
func (sess *Session) Context() context.Context {
return sess.ctx
}
// SessionID returns the sessionID
func (sess *Session) SessionID() string {
return sess.sessionID
}
// IP returns the session IP address
func (sess *Session) IP() string {
return sess.ip
}
// GetAccessCode returns the access code to the given resource
func (sess *Session) GetAccessCode(accessType, resource string) (string, bool) {
return sess.allAccess.Get(accessType, resource)
}
// AddAccess permits the requester to access the given resource
func (sess *Session) AddAccess(accessType, resource, accesscode string) error {
access := make(AccessMap)
access.Add(accessType, resource, accesscode)
return sess.MergeAccess(access)
}
// RemoveAccess removes the requester's access to the given resource
func (sess *Session) RemoveAccess(accessType, resource string) error {
revoke := AccessRevokeMap{
AccessType(accessType): AccessResourceName(resource),
}
return sess.RevokeAccess(revoke)
}
// MergeAccess permits the requester to access the given resources
func (sess *Session) MergeAccess(access AccessMap) error {
if sess.db != nil {
if len(sess.sessionID) == 0 {
sess.sessionID = sess.requestID
}
return sess.db.addSessionAccess(sess.sessionID, sess.ip, access)
}
sess.newAccess.Merge(access)
sess.allAccess.Merge(access)
return nil
}
// RevokeAccess revokes the requester's access to the given resources
func (sess *Session) RevokeAccess(revoke AccessRevokeMap) error {
if sess.db != nil && len(sess.sessionID) > 0 {
return sess.db.revokeSessionAccess(sess.sessionID, sess.ip, revoke)
}
sess.newAccess.Revoke(revoke, true)
sess.allAccess.Revoke(revoke, false)
return nil
}
func (sess *Session) getSessionCookie(expiration time.Duration) *http.Cookie {
return &http.Cookie{
Name: "session",
Value: sess.sessionID,
Path: "/",
Expires: time.Now().Add(expiration),
}
}
func (sess *Session) toCookies(expiration time.Duration) []*http.Cookie {
if len(sess.sessionID) > 0 {
return []*http.Cookie{sess.getSessionCookie(expiration)}
}
return sess.newAccess.ToCookies(expiration)
}