*.db
*.log
custom/
+data/
.vendor/
.idea/
*.iml
\ No newline at end of file
; memcache: "127.0.0.1:11211"
HOST =
+[session]
+; Either "memory", "file", "redis" or "mysql", default is "memory"
+PROVIDER = file
+; provider config
+; memory: not have any config yet
+; file: session file path
+; e.g. tmp/sessions
+; redis: config like redis server addr,poolSize,password
+; e.g. 127.0.0.1:6379,100,astaxie
+; mysql: go-sql-driver/mysql dsn config string
+; e.g. root:password@/session_table
+PROVIDER_CONFIG = data/sessions
+; session cookie name
+COOKIE_NAME = i_like_gogits
+; if you use session in https only, default is false
+COOKIE_SECURE = false
+; enable set cookie, default is true
+ENABLE_SET_COOKIE = true
+; session gc time interval, default is 86400
+GC_INTERVAL_TIME = 86400
+; session life time, default is 86400
+SESSION_LIFE_TIME = 86400
+; session id hash func, default is sha1
+SESSION_ID_HASHFUNC = sha1
+; session hash key, default is use random string
+SESSION_ID_HASHKEY =
+
[picture]
; The place to picture data, either "server" or "qiniu", default is "server"
SERVICE = server
"reflect"
"github.com/codegangsta/martini"
- "github.com/martini-contrib/sessions"
+
+ "github.com/gogits/session"
"github.com/gogits/binding"
)
// SignedInId returns the id of signed in user.
-func SignedInId(session sessions.Session) int64 {
+func SignedInId(session session.SessionStore) int64 {
userId := session.Get("userId")
if userId == nil {
return 0
}
// SignedInName returns the name of signed in user.
-func SignedInName(session sessions.Session) string {
+func SignedInName(session session.SessionStore) string {
userName := session.Get("userName")
if userName == nil {
return ""
}
// SignedInUser returns the user object of signed user.
-func SignedInUser(session sessions.Session) *models.User {
+func SignedInUser(session session.SessionStore) *models.User {
id := SignedInId(session)
if id <= 0 {
return nil
}
// IsSignedIn check if any user has signed in.
-func IsSignedIn(session sessions.Session) bool {
+func IsSignedIn(session session.SessionStore) bool {
return SignedInId(session) > 0
}
"github.com/Unknwon/goconfig"
"github.com/gogits/cache"
+ "github.com/gogits/session"
"github.com/gogits/gogs/modules/log"
)
LogMode string
LogConfig string
+
+ SessionProvider string
+ SessionConfig *session.Config
+ SessionManager *session.Manager
)
var Service struct {
log.Info("Cache Service Enabled")
}
+func newSessionService() {
+ SessionProvider = Cfg.MustValue("session", "PROVIDER", "memory")
+
+ SessionConfig = new(session.Config)
+ SessionConfig.ProviderConfig = Cfg.MustValue("session", "PROVIDER_CONFIG")
+ SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
+ SessionConfig.CookieSecure = Cfg.MustBool("session", "COOKIE_SECURE")
+ SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
+ SessionConfig.GcIntervalTime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
+ SessionConfig.SessionLifeTime = Cfg.MustInt64("session", "SESSION_LIFE_TIME", 86400)
+ SessionConfig.SessionIDHashFunc = Cfg.MustValue("session", "SESSION_ID_HASHFUNC", "sha1")
+ SessionConfig.SessionIDHashKey = Cfg.MustValue("session", "SESSION_ID_HASHKEY")
+
+ var err error
+ SessionManager, err = session.NewManager(SessionProvider, *SessionConfig)
+ if err != nil {
+ fmt.Printf("Init session system failed, provider: %s, %v\n",
+ SessionProvider, err)
+ os.Exit(2)
+ }
+
+ log.Info("Session Service Enabled")
+}
+
func newMailService() {
// Check mailer setting.
if Cfg.MustBool("mailer", "ENABLED") {
newService()
newLogService()
newCacheService()
+ newSessionService()
newMailService()
newRegisterMailService()
}
"time"
"github.com/codegangsta/martini"
- "github.com/martini-contrib/sessions"
"github.com/gogits/cache"
+ "github.com/gogits/session"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/auth"
p martini.Params
Req *http.Request
Res http.ResponseWriter
- Session sessions.Session
+ Session session.SessionStore
Cache cache.Cache
User *models.User
IsSigned bool
// InitContext initializes a classic context for a request.
func InitContext() martini.Handler {
- return func(res http.ResponseWriter, r *http.Request, c martini.Context,
- session sessions.Session, rd *Render) {
+ return func(res http.ResponseWriter, r *http.Request, c martini.Context, rd *Render) {
ctx := &Context{
c: c,
// p: p,
- Req: r,
- Res: res,
- Session: session,
- Cache: base.Cache,
- Render: rd,
+ Req: r,
+ Res: res,
+ Cache: base.Cache,
+ Render: rd,
}
+ // start session
+ ctx.Session = base.SessionManager.SessionStart(res, r)
+ defer func() {
+ ctx.Session.SessionRelease(res)
+ }()
+
// Get user from session if logined.
- user := auth.SignedInUser(session)
+ user := auth.SignedInUser(ctx.Session)
ctx.User = user
ctx.IsSigned = user != nil
user, err := models.LoginUserPlain(form.UserName, form.Password)
if err != nil {
- if err.Error() == models.ErrUserNotExist.Error() {
+ if err == models.ErrUserNotExist {
ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
return
}
"github.com/codegangsta/cli"
"github.com/codegangsta/martini"
- "github.com/martini-contrib/sessions"
"github.com/gogits/binding"
// Middlewares.
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
- // TODO: should use other store because cookie store is not secure.
- store := sessions.NewCookieStore([]byte("secret123"))
- m.Use(sessions.Sessions("my_session", store))
-
m.Use(middleware.InitContext())
reqSignIn := middleware.SignInRequire(true)
projects / gitea.git / commitdiff