From 3f4d6d15a1441cfff0ebb11157c603f902a944dc Mon Sep 17 00:00:00 2001 From: Aaron Lindsay Date: Sun, 3 Dec 2017 06:11:38 -0500 Subject: [PATCH] Split Sessions into models --- internal/db/db.go | 2 +- internal/handlers/sessions.go | 63 ++++------------------------ internal/handlers/sessions_test.go | 5 ++- internal/models/sessions.go | 67 ++++++++++++++++++++++++++++++ 4 files changed, 79 insertions(+), 58 deletions(-) create mode 100644 internal/models/sessions.go diff --git a/internal/db/db.go b/internal/db/db.go index fbb7b9d..4ee3192 100644 --- a/internal/db/db.go +++ b/internal/db/db.go @@ -35,7 +35,7 @@ func GetDbMap(db *sql.DB, dbtype config.DbType) (*gorp.DbMap, error) { dbmap := &gorp.DbMap{Db: db, Dialect: dialect} dbmap.AddTableWithName(models.User{}, "users").SetKeys(true, "UserId") - dbmap.AddTableWithName(handlers.Session{}, "sessions").SetKeys(true, "SessionId") + dbmap.AddTableWithName(models.Session{}, "sessions").SetKeys(true, "SessionId") dbmap.AddTableWithName(handlers.Account{}, "accounts").SetKeys(true, "AccountId") dbmap.AddTableWithName(handlers.Security{}, "securities").SetKeys(true, "SecurityId") dbmap.AddTableWithName(handlers.Transaction{}, "transactions").SetKeys(true, "TransactionId") diff --git a/internal/handlers/sessions.go b/internal/handlers/sessions.go index 81954b1..8349613 100644 --- a/internal/handlers/sessions.go +++ b/internal/handlers/sessions.go @@ -1,38 +1,15 @@ package handlers import ( - "crypto/rand" - "encoding/base64" - "encoding/json" "fmt" "github.com/aclindsa/moneygo/internal/models" - "io" "log" "net/http" - "strings" "time" ) -type Session struct { - SessionId int64 - SessionSecret string `json:"-"` - UserId int64 - Created time.Time - Expires time.Time -} - -func (s *Session) Write(w http.ResponseWriter) error { - enc := json.NewEncoder(w) - return enc.Encode(s) -} - -func (s *Session) Read(json_str string) error { - dec := json.NewDecoder(strings.NewReader(json_str)) - return dec.Decode(s) -} - -func GetSession(tx *Tx, r *http.Request) (*Session, error) { - var s Session +func GetSession(tx *Tx, r *http.Request) (*models.Session, error) { + var s models.Session cookie, err := r.Cookie("moneygo-session") if err != nil { @@ -63,16 +40,8 @@ func DeleteSessionIfExists(tx *Tx, r *http.Request) error { return nil } -func NewSessionCookie() (string, error) { - bits := make([]byte, 128) - if _, err := io.ReadFull(rand.Reader, bits); err != nil { - return "", err - } - return base64.StdEncoding.EncodeToString(bits), nil -} - type NewSessionWriter struct { - session *Session + session *models.Session cookie *http.Cookie } @@ -82,14 +51,12 @@ func (n *NewSessionWriter) Write(w http.ResponseWriter) error { } func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error) { - s := Session{} - - session_secret, err := NewSessionCookie() + s, err := models.NewSession(userid) if err != nil { return nil, err } - existing, err := tx.SelectInt("SELECT count(*) from sessions where SessionSecret=?", session_secret) + existing, err := tx.SelectInt("SELECT count(*) from sessions where SessionSecret=?", s.SessionSecret) if err != nil { return nil, err } @@ -97,26 +64,12 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error return nil, fmt.Errorf("%d session(s) exist with the generated session_secret", existing) } - cookie := http.Cookie{ - Name: "moneygo-session", - Value: session_secret, - Path: "/", - Domain: r.URL.Host, - Expires: time.Now().AddDate(0, 1, 0), // a month from now - Secure: true, - HttpOnly: true, - } - - s.SessionSecret = session_secret - s.UserId = userid - s.Created = time.Now() - s.Expires = cookie.Expires - - err = tx.Insert(&s) + err = tx.Insert(s) if err != nil { return nil, err } - return &NewSessionWriter{&s, &cookie}, nil + + return &NewSessionWriter{s, s.Cookie(r.URL.Host)}, nil } func SessionHandler(r *http.Request, context *Context) ResponseWriterWriter { diff --git a/internal/handlers/sessions_test.go b/internal/handlers/sessions_test.go index c0bc6b4..e065bac 100644 --- a/internal/handlers/sessions_test.go +++ b/internal/handlers/sessions_test.go @@ -3,6 +3,7 @@ package handlers_test import ( "fmt" "github.com/aclindsa/moneygo/internal/handlers" + "github.com/aclindsa/moneygo/internal/models" "net/http" "net/http/cookiejar" "net/url" @@ -26,8 +27,8 @@ func newSession(user *User) (*http.Client, error) { return &client, nil } -func getSession(client *http.Client) (*handlers.Session, error) { - var s handlers.Session +func getSession(client *http.Client) (*models.Session, error) { + var s models.Session err := read(client, &s, "/v1/sessions/") return &s, err } diff --git a/internal/models/sessions.go b/internal/models/sessions.go new file mode 100644 index 0000000..872bc3c --- /dev/null +++ b/internal/models/sessions.go @@ -0,0 +1,67 @@ +package models + +import ( + "crypto/rand" + "encoding/base64" + "encoding/json" + "io" + "net/http" + "strings" + "time" +) + +type Session struct { + SessionId int64 + SessionSecret string `json:"-"` + UserId int64 + Created time.Time + Expires time.Time +} + +func (s *Session) Cookie(domain string) *http.Cookie { + return &http.Cookie{ + Name: "moneygo-session", + Value: s.SessionSecret, + Path: "/", + Domain: domain, + Expires: s.Expires, + Secure: true, + HttpOnly: true, + } +} + +func (s *Session) Write(w http.ResponseWriter) error { + enc := json.NewEncoder(w) + return enc.Encode(s) +} + +func (s *Session) Read(json_str string) error { + dec := json.NewDecoder(strings.NewReader(json_str)) + return dec.Decode(s) +} + +func newSessionSecret() (string, error) { + bits := make([]byte, 128) + if _, err := io.ReadFull(rand.Reader, bits); err != nil { + return "", err + } + return base64.StdEncoding.EncodeToString(bits), nil +} + +func NewSession(userid int64) (*Session, error) { + session_secret, err := newSessionSecret() + if err != nil { + return nil, err + } + + now := time.Now() + + s := Session{ + SessionSecret: session_secret, + UserId: userid, + Created: now, + Expires: now.AddDate(0, 1, 0), // a month from now + } + + return &s, nil +}