aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/github.com/go-macaron/session
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/go-macaron/session')
-rw-r--r--vendor/github.com/go-macaron/session/couchbase/couchbase.go228
-rw-r--r--vendor/github.com/go-macaron/session/file.go5
-rw-r--r--vendor/github.com/go-macaron/session/flash.go61
-rw-r--r--vendor/github.com/go-macaron/session/memcache/memcache.go204
-rw-r--r--vendor/github.com/go-macaron/session/mysql/mysql.go200
-rw-r--r--vendor/github.com/go-macaron/session/nodb/nodb.go208
-rw-r--r--vendor/github.com/go-macaron/session/postgres/postgres.go201
-rw-r--r--vendor/github.com/go-macaron/session/redis/redis.go7
-rw-r--r--vendor/github.com/go-macaron/session/session.go104
-rw-r--r--vendor/github.com/go-macaron/session/utils.go5
10 files changed, 1162 insertions, 61 deletions
diff --git a/vendor/github.com/go-macaron/session/couchbase/couchbase.go b/vendor/github.com/go-macaron/session/couchbase/couchbase.go
new file mode 100644
index 0000000000..8001fd15f1
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/couchbase/couchbase.go
@@ -0,0 +1,228 @@
+// Copyright 2013 Beego Authors
+// Copyright 2014 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "strings"
+ "sync"
+
+ "github.com/couchbaselabs/go-couchbase"
+
+ "github.com/go-macaron/session"
+)
+
+// CouchbaseSessionStore represents a couchbase session store implementation.
+type CouchbaseSessionStore struct {
+ b *couchbase.Bucket
+ sid string
+ lock sync.RWMutex
+ data map[interface{}]interface{}
+ maxlifetime int64
+}
+
+// Set sets value to given key in session.
+func (s *CouchbaseSessionStore) Set(key, val interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data[key] = val
+ return nil
+}
+
+// Get gets value by given key in session.
+func (s *CouchbaseSessionStore) Get(key interface{}) interface{} {
+ s.lock.RLock()
+ defer s.lock.RUnlock()
+
+ return s.data[key]
+}
+
+// Delete delete a key from session.
+func (s *CouchbaseSessionStore) Delete(key interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ delete(s.data, key)
+ return nil
+}
+
+// ID returns current session ID.
+func (s *CouchbaseSessionStore) ID() string {
+ return s.sid
+}
+
+// Release releases resource and save data to provider.
+func (s *CouchbaseSessionStore) Release() error {
+ defer s.b.Close()
+
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
+ data, err := session.EncodeGob(s.data)
+ if err != nil {
+ return err
+ }
+
+ return s.b.Set(s.sid, int(s.maxlifetime), data)
+}
+
+// Flush deletes all session data.
+func (s *CouchbaseSessionStore) Flush() error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data = make(map[interface{}]interface{})
+ return nil
+}
+
+// CouchbaseProvider represents a couchbase session provider implementation.
+type CouchbaseProvider struct {
+ maxlifetime int64
+ connStr string
+ pool string
+ bucket string
+ b *couchbase.Bucket
+}
+
+func (cp *CouchbaseProvider) getBucket() *couchbase.Bucket {
+ c, err := couchbase.Connect(cp.connStr)
+ if err != nil {
+ return nil
+ }
+
+ pool, err := c.GetPool(cp.pool)
+ if err != nil {
+ return nil
+ }
+
+ bucket, err := pool.GetBucket(cp.bucket)
+ if err != nil {
+ return nil
+ }
+
+ return bucket
+}
+
+// Init initializes memory session provider.
+// connStr is couchbase server REST/JSON URL
+// e.g. http://host:port/, Pool, Bucket
+func (p *CouchbaseProvider) Init(maxlifetime int64, connStr string) error {
+ p.maxlifetime = maxlifetime
+ configs := strings.Split(connStr, ",")
+ if len(configs) > 0 {
+ p.connStr = configs[0]
+ }
+ if len(configs) > 1 {
+ p.pool = configs[1]
+ }
+ if len(configs) > 2 {
+ p.bucket = configs[2]
+ }
+
+ return nil
+}
+
+// Read returns raw session store by session ID.
+func (p *CouchbaseProvider) Read(sid string) (session.RawStore, error) {
+ p.b = p.getBucket()
+
+ var doc []byte
+
+ err := p.b.Get(sid, &doc)
+ var kv map[interface{}]interface{}
+ if doc == nil {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(doc)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ cs := &CouchbaseSessionStore{b: p.b, sid: sid, data: kv, maxlifetime: p.maxlifetime}
+ return cs, nil
+}
+
+// Exist returns true if session with given ID exists.
+func (p *CouchbaseProvider) Exist(sid string) bool {
+ p.b = p.getBucket()
+ defer p.b.Close()
+
+ var doc []byte
+
+ if err := p.b.Get(sid, &doc); err != nil || doc == nil {
+ return false
+ } else {
+ return true
+ }
+}
+
+// Destory deletes a session by session ID.
+func (p *CouchbaseProvider) Destory(sid string) error {
+ p.b = p.getBucket()
+ defer p.b.Close()
+
+ p.b.Delete(sid)
+ return nil
+}
+
+// Regenerate regenerates a session store from old session ID to new one.
+func (p *CouchbaseProvider) Regenerate(oldsid, sid string) (session.RawStore, error) {
+ p.b = p.getBucket()
+
+ var doc []byte
+ if err := p.b.Get(oldsid, &doc); err != nil || doc == nil {
+ p.b.Set(sid, int(p.maxlifetime), "")
+ } else {
+ err := p.b.Delete(oldsid)
+ if err != nil {
+ return nil, err
+ }
+ _, _ = p.b.Add(sid, int(p.maxlifetime), doc)
+ }
+
+ err := p.b.Get(sid, &doc)
+ if err != nil {
+ return nil, err
+ }
+ var kv map[interface{}]interface{}
+ if doc == nil {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(doc)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ cs := &CouchbaseSessionStore{b: p.b, sid: sid, data: kv, maxlifetime: p.maxlifetime}
+ return cs, nil
+}
+
+// Count counts and returns number of sessions.
+func (p *CouchbaseProvider) Count() int {
+ // FIXME
+ return 0
+}
+
+// GC calls GC to clean expired sessions.
+func (p *CouchbaseProvider) GC() {}
+
+func init() {
+ session.Register("couchbase", &CouchbaseProvider{})
+}
diff --git a/vendor/github.com/go-macaron/session/file.go b/vendor/github.com/go-macaron/session/file.go
index 9bbc7aed20..64b47f2b00 100644
--- a/vendor/github.com/go-macaron/session/file.go
+++ b/vendor/github.com/go-macaron/session/file.go
@@ -81,6 +81,11 @@ func (s *FileStore) Release() error {
s.p.lock.Lock()
defer s.p.lock.Unlock()
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
data, err := EncodeGob(s.data)
if err != nil {
return err
diff --git a/vendor/github.com/go-macaron/session/flash.go b/vendor/github.com/go-macaron/session/flash.go
new file mode 100644
index 0000000000..99aae71e22
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/flash.go
@@ -0,0 +1,61 @@
+// Copyright 2018 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "net/url"
+
+ "gopkg.in/macaron.v1"
+)
+
+type Flash struct {
+ ctx *macaron.Context
+ url.Values
+ ErrorMsg, WarningMsg, InfoMsg, SuccessMsg string
+}
+
+func (f *Flash) set(name, msg string, current ...bool) {
+ isShow := false
+ if (len(current) == 0 && macaron.FlashNow) ||
+ (len(current) > 0 && current[0]) {
+ isShow = true
+ }
+
+ if isShow {
+ f.ctx.Data["Flash"] = f
+ } else {
+ f.Set(name, msg)
+ }
+}
+
+func (f *Flash) Error(msg string, current ...bool) {
+ f.ErrorMsg = msg
+ f.set("error", msg, current...)
+}
+
+func (f *Flash) Warning(msg string, current ...bool) {
+ f.WarningMsg = msg
+ f.set("warning", msg, current...)
+}
+
+func (f *Flash) Info(msg string, current ...bool) {
+ f.InfoMsg = msg
+ f.set("info", msg, current...)
+}
+
+func (f *Flash) Success(msg string, current ...bool) {
+ f.SuccessMsg = msg
+ f.set("success", msg, current...)
+}
diff --git a/vendor/github.com/go-macaron/session/memcache/memcache.go b/vendor/github.com/go-macaron/session/memcache/memcache.go
new file mode 100644
index 0000000000..496939398b
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/memcache/memcache.go
@@ -0,0 +1,204 @@
+// Copyright 2013 Beego Authors
+// Copyright 2014 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "fmt"
+ "strings"
+ "sync"
+
+ "github.com/bradfitz/gomemcache/memcache"
+
+ "github.com/go-macaron/session"
+)
+
+// MemcacheStore represents a memcache session store implementation.
+type MemcacheStore struct {
+ c *memcache.Client
+ sid string
+ expire int32
+ lock sync.RWMutex
+ data map[interface{}]interface{}
+}
+
+// NewMemcacheStore creates and returns a memcache session store.
+func NewMemcacheStore(c *memcache.Client, sid string, expire int32, kv map[interface{}]interface{}) *MemcacheStore {
+ return &MemcacheStore{
+ c: c,
+ sid: sid,
+ expire: expire,
+ data: kv,
+ }
+}
+
+func NewItem(sid string, data []byte, expire int32) *memcache.Item {
+ return &memcache.Item{
+ Key: sid,
+ Value: data,
+ Expiration: expire,
+ }
+}
+
+// Set sets value to given key in session.
+func (s *MemcacheStore) Set(key, val interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data[key] = val
+ return nil
+}
+
+// Get gets value by given key in session.
+func (s *MemcacheStore) Get(key interface{}) interface{} {
+ s.lock.RLock()
+ defer s.lock.RUnlock()
+
+ return s.data[key]
+}
+
+// Delete delete a key from session.
+func (s *MemcacheStore) Delete(key interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ delete(s.data, key)
+ return nil
+}
+
+// ID returns current session ID.
+func (s *MemcacheStore) ID() string {
+ return s.sid
+}
+
+// Release releases resource and save data to provider.
+func (s *MemcacheStore) Release() error {
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
+ data, err := session.EncodeGob(s.data)
+ if err != nil {
+ return err
+ }
+
+ return s.c.Set(NewItem(s.sid, data, s.expire))
+}
+
+// Flush deletes all session data.
+func (s *MemcacheStore) Flush() error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data = make(map[interface{}]interface{})
+ return nil
+}
+
+// MemcacheProvider represents a memcache session provider implementation.
+type MemcacheProvider struct {
+ c *memcache.Client
+ expire int32
+}
+
+// Init initializes memcache session provider.
+// connStrs: 127.0.0.1:9090;127.0.0.1:9091
+func (p *MemcacheProvider) Init(expire int64, connStrs string) error {
+ p.expire = int32(expire)
+ p.c = memcache.New(strings.Split(connStrs, ";")...)
+ return nil
+}
+
+// Read returns raw session store by session ID.
+func (p *MemcacheProvider) Read(sid string) (session.RawStore, error) {
+ if !p.Exist(sid) {
+ if err := p.c.Set(NewItem(sid, []byte(""), p.expire)); err != nil {
+ return nil, err
+ }
+ }
+
+ var kv map[interface{}]interface{}
+ item, err := p.c.Get(sid)
+ if err != nil {
+ return nil, err
+ }
+ if len(item.Value) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(item.Value)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewMemcacheStore(p.c, sid, p.expire, kv), nil
+}
+
+// Exist returns true if session with given ID exists.
+func (p *MemcacheProvider) Exist(sid string) bool {
+ _, err := p.c.Get(sid)
+ return err == nil
+}
+
+// Destory deletes a session by session ID.
+func (p *MemcacheProvider) Destory(sid string) error {
+ return p.c.Delete(sid)
+}
+
+// Regenerate regenerates a session store from old session ID to new one.
+func (p *MemcacheProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) {
+ if p.Exist(sid) {
+ return nil, fmt.Errorf("new sid '%s' already exists", sid)
+ }
+
+ item := NewItem(sid, []byte(""), p.expire)
+ if p.Exist(oldsid) {
+ item, err = p.c.Get(oldsid)
+ if err != nil {
+ return nil, err
+ } else if err = p.c.Delete(oldsid); err != nil {
+ return nil, err
+ }
+ item.Key = sid
+ }
+ if err = p.c.Set(item); err != nil {
+ return nil, err
+ }
+
+ var kv map[interface{}]interface{}
+ if len(item.Value) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(item.Value)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewMemcacheStore(p.c, sid, p.expire, kv), nil
+}
+
+// Count counts and returns number of sessions.
+func (p *MemcacheProvider) Count() int {
+ // FIXME: how come this library does not have Stats method?
+ return -1
+}
+
+// GC calls GC to clean expired sessions.
+func (p *MemcacheProvider) GC() {}
+
+func init() {
+ session.Register("memcache", &MemcacheProvider{})
+}
diff --git a/vendor/github.com/go-macaron/session/mysql/mysql.go b/vendor/github.com/go-macaron/session/mysql/mysql.go
new file mode 100644
index 0000000000..7bde37445e
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/mysql/mysql.go
@@ -0,0 +1,200 @@
+// Copyright 2013 Beego Authors
+// Copyright 2014 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "database/sql"
+ "fmt"
+ "log"
+ "sync"
+ "time"
+
+ _ "github.com/go-sql-driver/mysql"
+
+ "github.com/go-macaron/session"
+)
+
+// MysqlStore represents a mysql session store implementation.
+type MysqlStore struct {
+ c *sql.DB
+ sid string
+ lock sync.RWMutex
+ data map[interface{}]interface{}
+}
+
+// NewMysqlStore creates and returns a mysql session store.
+func NewMysqlStore(c *sql.DB, sid string, kv map[interface{}]interface{}) *MysqlStore {
+ return &MysqlStore{
+ c: c,
+ sid: sid,
+ data: kv,
+ }
+}
+
+// Set sets value to given key in session.
+func (s *MysqlStore) Set(key, val interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data[key] = val
+ return nil
+}
+
+// Get gets value by given key in session.
+func (s *MysqlStore) Get(key interface{}) interface{} {
+ s.lock.RLock()
+ defer s.lock.RUnlock()
+
+ return s.data[key]
+}
+
+// Delete delete a key from session.
+func (s *MysqlStore) Delete(key interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ delete(s.data, key)
+ return nil
+}
+
+// ID returns current session ID.
+func (s *MysqlStore) ID() string {
+ return s.sid
+}
+
+// Release releases resource and save data to provider.
+func (s *MysqlStore) Release() error {
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
+ data, err := session.EncodeGob(s.data)
+ if err != nil {
+ return err
+ }
+
+ _, err = s.c.Exec("UPDATE session SET data=?, expiry=? WHERE `key`=?",
+ data, time.Now().Unix(), s.sid)
+ return err
+}
+
+// Flush deletes all session data.
+func (s *MysqlStore) Flush() error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data = make(map[interface{}]interface{})
+ return nil
+}
+
+// MysqlProvider represents a mysql session provider implementation.
+type MysqlProvider struct {
+ c *sql.DB
+ expire int64
+}
+
+// Init initializes mysql session provider.
+// connStr: username:password@protocol(address)/dbname?param=value
+func (p *MysqlProvider) Init(expire int64, connStr string) (err error) {
+ p.expire = expire
+
+ p.c, err = sql.Open("mysql", connStr)
+ if err != nil {
+ return err
+ }
+ return p.c.Ping()
+}
+
+// Read returns raw session store by session ID.
+func (p *MysqlProvider) Read(sid string) (session.RawStore, error) {
+ var data []byte
+ err := p.c.QueryRow("SELECT data FROM session WHERE `key`=?", sid).Scan(&data)
+ if err == sql.ErrNoRows {
+ _, err = p.c.Exec("INSERT INTO session(`key`,data,expiry) VALUES(?,?,?)",
+ sid, "", time.Now().Unix())
+ }
+ if err != nil {
+ return nil, err
+ }
+
+ var kv map[interface{}]interface{}
+ if len(data) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(data)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewMysqlStore(p.c, sid, kv), nil
+}
+
+// Exist returns true if session with given ID exists.
+func (p *MysqlProvider) Exist(sid string) bool {
+ var data []byte
+ err := p.c.QueryRow("SELECT data FROM session WHERE `key`=?", sid).Scan(&data)
+ if err != nil && err != sql.ErrNoRows {
+ panic("session/mysql: error checking existence: " + err.Error())
+ }
+ return err != sql.ErrNoRows
+}
+
+// Destory deletes a session by session ID.
+func (p *MysqlProvider) Destory(sid string) error {
+ _, err := p.c.Exec("DELETE FROM session WHERE `key`=?", sid)
+ return err
+}
+
+// Regenerate regenerates a session store from old session ID to new one.
+func (p *MysqlProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) {
+ if p.Exist(sid) {
+ return nil, fmt.Errorf("new sid '%s' already exists", sid)
+ }
+
+ if !p.Exist(oldsid) {
+ if _, err = p.c.Exec("INSERT INTO session(`key`,data,expiry) VALUES(?,?,?)",
+ oldsid, "", time.Now().Unix()); err != nil {
+ return nil, err
+ }
+ }
+
+ if _, err = p.c.Exec("UPDATE session SET `key`=? WHERE `key`=?", sid, oldsid); err != nil {
+ return nil, err
+ }
+
+ return p.Read(sid)
+}
+
+// Count counts and returns number of sessions.
+func (p *MysqlProvider) Count() (total int) {
+ if err := p.c.QueryRow("SELECT COUNT(*) AS NUM FROM session").Scan(&total); err != nil {
+ panic("session/mysql: error counting records: " + err.Error())
+ }
+ return total
+}
+
+// GC calls GC to clean expired sessions.
+func (p *MysqlProvider) GC() {
+ if _, err := p.c.Exec("DELETE FROM session WHERE expiry + ? <= UNIX_TIMESTAMP(NOW())", p.expire); err != nil {
+ log.Printf("session/mysql: error garbage collecting: %v", err)
+ }
+}
+
+func init() {
+ session.Register("mysql", &MysqlProvider{})
+}
diff --git a/vendor/github.com/go-macaron/session/nodb/nodb.go b/vendor/github.com/go-macaron/session/nodb/nodb.go
new file mode 100644
index 0000000000..8b5a711693
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/nodb/nodb.go
@@ -0,0 +1,208 @@
+// Copyright 2015 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "fmt"
+ "sync"
+
+ "github.com/lunny/nodb"
+ "github.com/lunny/nodb/config"
+
+ "github.com/go-macaron/session"
+)
+
+// NodbStore represents a nodb session store implementation.
+type NodbStore struct {
+ c *nodb.DB
+ sid string
+ expire int64
+ lock sync.RWMutex
+ data map[interface{}]interface{}
+}
+
+// NewNodbStore creates and returns a ledis session store.
+func NewNodbStore(c *nodb.DB, sid string, expire int64, kv map[interface{}]interface{}) *NodbStore {
+ return &NodbStore{
+ c: c,
+ expire: expire,
+ sid: sid,
+ data: kv,
+ }
+}
+
+// Set sets value to given key in session.
+func (s *NodbStore) Set(key, val interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data[key] = val
+ return nil
+}
+
+// Get gets value by given key in session.
+func (s *NodbStore) Get(key interface{}) interface{} {
+ s.lock.RLock()
+ defer s.lock.RUnlock()
+
+ return s.data[key]
+}
+
+// Delete delete a key from session.
+func (s *NodbStore) Delete(key interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ delete(s.data, key)
+ return nil
+}
+
+// ID returns current session ID.
+func (s *NodbStore) ID() string {
+ return s.sid
+}
+
+// Release releases resource and save data to provider.
+func (s *NodbStore) Release() error {
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
+ data, err := session.EncodeGob(s.data)
+ if err != nil {
+ return err
+ }
+
+ if err = s.c.Set([]byte(s.sid), data); err != nil {
+ return err
+ }
+ _, err = s.c.Expire([]byte(s.sid), s.expire)
+ return err
+}
+
+// Flush deletes all session data.
+func (s *NodbStore) Flush() error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data = make(map[interface{}]interface{})
+ return nil
+}
+
+// NodbProvider represents a ledis session provider implementation.
+type NodbProvider struct {
+ c *nodb.DB
+ expire int64
+}
+
+// Init initializes nodb session provider.
+func (p *NodbProvider) Init(expire int64, configs string) error {
+ p.expire = expire
+
+ cfg := new(config.Config)
+ cfg.DataDir = configs
+ dbs, err := nodb.Open(cfg)
+ if err != nil {
+ return fmt.Errorf("session/nodb: error opening db: %v", err)
+ }
+
+ p.c, err = dbs.Select(0)
+ return err
+}
+
+// Read returns raw session store by session ID.
+func (p *NodbProvider) Read(sid string) (session.RawStore, error) {
+ if !p.Exist(sid) {
+ if err := p.c.Set([]byte(sid), []byte("")); err != nil {
+ return nil, err
+ }
+ }
+
+ var kv map[interface{}]interface{}
+ kvs, err := p.c.Get([]byte(sid))
+ if err != nil {
+ return nil, err
+ }
+ if len(kvs) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(kvs)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewNodbStore(p.c, sid, p.expire, kv), nil
+}
+
+// Exist returns true if session with given ID exists.
+func (p *NodbProvider) Exist(sid string) bool {
+ count, err := p.c.Exists([]byte(sid))
+ return err == nil && count > 0
+}
+
+// Destory deletes a session by session ID.
+func (p *NodbProvider) Destory(sid string) error {
+ _, err := p.c.Del([]byte(sid))
+ return err
+}
+
+// Regenerate regenerates a session store from old session ID to new one.
+func (p *NodbProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) {
+ if p.Exist(sid) {
+ return nil, fmt.Errorf("new sid '%s' already exists", sid)
+ }
+
+ kvs := make([]byte, 0)
+ if p.Exist(oldsid) {
+ if kvs, err = p.c.Get([]byte(oldsid)); err != nil {
+ return nil, err
+ } else if _, err = p.c.Del([]byte(oldsid)); err != nil {
+ return nil, err
+ }
+ }
+
+ if err = p.c.Set([]byte(sid), kvs); err != nil {
+ return nil, err
+ } else if _, err = p.c.Expire([]byte(sid), p.expire); err != nil {
+ return nil, err
+ }
+
+ var kv map[interface{}]interface{}
+ if len(kvs) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob([]byte(kvs))
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewNodbStore(p.c, sid, p.expire, kv), nil
+}
+
+// Count counts and returns number of sessions.
+func (p *NodbProvider) Count() int {
+ // FIXME: how come this library does not have DbSize() method?
+ return -1
+}
+
+// GC calls GC to clean expired sessions.
+func (p *NodbProvider) GC() {}
+
+func init() {
+ session.Register("nodb", &NodbProvider{})
+}
diff --git a/vendor/github.com/go-macaron/session/postgres/postgres.go b/vendor/github.com/go-macaron/session/postgres/postgres.go
new file mode 100644
index 0000000000..f1e034b501
--- /dev/null
+++ b/vendor/github.com/go-macaron/session/postgres/postgres.go
@@ -0,0 +1,201 @@
+// Copyright 2013 Beego Authors
+// Copyright 2014 The Macaron Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"): you may
+// not use this file except in compliance with the License. You may obtain
+// a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations
+// under the License.
+
+package session
+
+import (
+ "database/sql"
+ "fmt"
+ "log"
+ "sync"
+ "time"
+
+ _ "github.com/lib/pq"
+
+ "github.com/go-macaron/session"
+)
+
+// PostgresStore represents a postgres session store implementation.
+type PostgresStore struct {
+ c *sql.DB
+ sid string
+ lock sync.RWMutex
+ data map[interface{}]interface{}
+}
+
+// NewPostgresStore creates and returns a postgres session store.
+func NewPostgresStore(c *sql.DB, sid string, kv map[interface{}]interface{}) *PostgresStore {
+ return &PostgresStore{
+ c: c,
+ sid: sid,
+ data: kv,
+ }
+}
+
+// Set sets value to given key in session.
+func (s *PostgresStore) Set(key, value interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data[key] = value
+ return nil
+}
+
+// Get gets value by given key in session.
+func (s *PostgresStore) Get(key interface{}) interface{} {
+ s.lock.RLock()
+ defer s.lock.RUnlock()
+
+ return s.data[key]
+}
+
+// Delete delete a key from session.
+func (s *PostgresStore) Delete(key interface{}) error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ delete(s.data, key)
+ return nil
+}
+
+// ID returns current session ID.
+func (s *PostgresStore) ID() string {
+ return s.sid
+}
+
+// save postgres session values to database.
+// must call this method to save values to database.
+func (s *PostgresStore) Release() error {
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
+ data, err := session.EncodeGob(s.data)
+ if err != nil {
+ return err
+ }
+
+ _, err = s.c.Exec("UPDATE session SET data=$1, expiry=$2 WHERE key=$3",
+ data, time.Now().Unix(), s.sid)
+ return err
+}
+
+// Flush deletes all session data.
+func (s *PostgresStore) Flush() error {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ s.data = make(map[interface{}]interface{})
+ return nil
+}
+
+// PostgresProvider represents a postgres session provider implementation.
+type PostgresProvider struct {
+ c *sql.DB
+ maxlifetime int64
+}
+
+// Init initializes postgres session provider.
+// connStr: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
+func (p *PostgresProvider) Init(maxlifetime int64, connStr string) (err error) {
+ p.maxlifetime = maxlifetime
+
+ p.c, err = sql.Open("postgres", connStr)
+ if err != nil {
+ return err
+ }
+ return p.c.Ping()
+}
+
+// Read returns raw session store by session ID.
+func (p *PostgresProvider) Read(sid string) (session.RawStore, error) {
+ var data []byte
+ err := p.c.QueryRow("SELECT data FROM session WHERE key=$1", sid).Scan(&data)
+ if err == sql.ErrNoRows {
+ _, err = p.c.Exec("INSERT INTO session(key,data,expiry) VALUES($1,$2,$3)",
+ sid, "", time.Now().Unix())
+ }
+ if err != nil {
+ return nil, err
+ }
+
+ var kv map[interface{}]interface{}
+ if len(data) == 0 {
+ kv = make(map[interface{}]interface{})
+ } else {
+ kv, err = session.DecodeGob(data)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return NewPostgresStore(p.c, sid, kv), nil
+}
+
+// Exist returns true if session with given ID exists.
+func (p *PostgresProvider) Exist(sid string) bool {
+ var data []byte
+ err := p.c.QueryRow("SELECT data FROM session WHERE key=$1", sid).Scan(&data)
+ if err != nil && err != sql.ErrNoRows {
+ panic("session/postgres: error checking existence: " + err.Error())
+ }
+ return err != sql.ErrNoRows
+}
+
+// Destory deletes a session by session ID.
+func (p *PostgresProvider) Destory(sid string) error {
+ _, err := p.c.Exec("DELETE FROM session WHERE key=$1", sid)
+ return err
+}
+
+// Regenerate regenerates a session store from old session ID to new one.
+func (p *PostgresProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) {
+ if p.Exist(sid) {
+ return nil, fmt.Errorf("new sid '%s' already exists", sid)
+ }
+
+ if !p.Exist(oldsid) {
+ if _, err = p.c.Exec("INSERT INTO session(key,data,expiry) VALUES($1,$2,$3)",
+ oldsid, "", time.Now().Unix()); err != nil {
+ return nil, err
+ }
+ }
+
+ if _, err = p.c.Exec("UPDATE session SET key=$1 WHERE key=$2", sid, oldsid); err != nil {
+ return nil, err
+ }
+
+ return p.Read(sid)
+}
+
+// Count counts and returns number of sessions.
+func (p *PostgresProvider) Count() (total int) {
+ if err := p.c.QueryRow("SELECT COUNT(*) AS NUM FROM session").Scan(&total); err != nil {
+ panic("session/postgres: error counting records: " + err.Error())
+ }
+ return total
+}
+
+// GC calls GC to clean expired sessions.
+func (p *PostgresProvider) GC() {
+ if _, err := p.c.Exec("DELETE FROM session WHERE EXTRACT(EPOCH FROM NOW()) - expiry > $1", p.maxlifetime); err != nil {
+ log.Printf("session/postgres: error garbage collecting: %v", err)
+ }
+}
+
+func init() {
+ session.Register("postgres", &PostgresProvider{})
+}
diff --git a/vendor/github.com/go-macaron/session/redis/redis.go b/vendor/github.com/go-macaron/session/redis/redis.go
index ca1cf88de6..2d7fe98405 100644
--- a/vendor/github.com/go-macaron/session/redis/redis.go
+++ b/vendor/github.com/go-macaron/session/redis/redis.go
@@ -81,6 +81,11 @@ func (s *RedisStore) ID() string {
// Release releases resource and save data to provider.
func (s *RedisStore) Release() error {
+ // Skip encoding if the data is empty
+ if len(s.data) == 0 {
+ return nil
+ }
+
data, err := session.EncodeGob(s.data)
if err != nil {
return err
@@ -153,7 +158,7 @@ func (p *RedisProvider) Init(maxlifetime int64, configs string) (err error) {
func (p *RedisProvider) Read(sid string) (session.RawStore, error) {
psid := p.prefix + sid
if !p.Exist(sid) {
- if err := p.c.Set(psid, "").Err(); err != nil {
+ if err := p.c.SetEx(psid, p.duration, "").Err(); err != nil {
return nil, err
}
}
diff --git a/vendor/github.com/go-macaron/session/session.go b/vendor/github.com/go-macaron/session/session.go
index d9bbae2032..97fa56ede6 100644
--- a/vendor/github.com/go-macaron/session/session.go
+++ b/vendor/github.com/go-macaron/session/session.go
@@ -22,13 +22,12 @@ import (
"fmt"
"net/http"
"net/url"
- "strings"
"time"
"gopkg.in/macaron.v1"
)
-const _VERSION = "0.4.0"
+const _VERSION = "0.6.0"
func Version() string {
return _VERSION
@@ -96,6 +95,8 @@ type Options struct {
IDLength int
// Configuration section name. Default is "session".
Section string
+ // Ignore release for websocket. Default is false.
+ IgnoreReleaseForWebSocket bool
}
func prepareOptions(options []Options) Options {
@@ -138,6 +139,9 @@ func prepareOptions(options []Options) Options {
if opt.IDLength == 0 {
opt.IDLength = sec.Key("ID_LENGTH").MustInt(16)
}
+ if !opt.IgnoreReleaseForWebSocket {
+ opt.IgnoreReleaseForWebSocket = sec.Key("IGNORE_RELEASE_FOR_WEBSOCKET").MustBool()
+ }
return opt
}
@@ -187,6 +191,10 @@ func Sessioner(options ...Options) macaron.Handler {
ctx.Next()
+ if manager.opt.IgnoreReleaseForWebSocket && ctx.Req.Header.Get("Upgrade") == "websocket" {
+ return
+ }
+
if err = sess.Release(); err != nil {
panic("session(release): " + err.Error())
}
@@ -252,12 +260,30 @@ func (m *Manager) sessionID() string {
return hex.EncodeToString(generateRandomKey(m.opt.IDLength / 2))
}
+// validSessionID tests whether a provided session ID is a valid session ID.
+func (m *Manager) validSessionID(sid string) (bool, error) {
+ if len(sid) != m.opt.IDLength {
+ return false, errors.New("invalid 'sid': " + sid)
+ }
+
+ for i := range sid {
+ switch {
+ case '0' <= sid[i] && sid[i] <= '9':
+ case 'a' <= sid[i] && sid[i] <= 'f':
+ default:
+ return false, errors.New("invalid 'sid': " + sid)
+ }
+ }
+ return true, nil
+}
+
// Start starts a session by generating new one
// or retrieve existence one by reading session ID from HTTP request if it's valid.
func (m *Manager) Start(ctx *macaron.Context) (RawStore, error) {
sid := ctx.GetCookie(m.opt.CookieName)
- if len(sid) > 0 && m.provider.Exist(sid) {
- return m.Read(sid)
+ valid, _ := m.validSessionID(sid)
+ if len(sid) > 0 && valid && m.provider.Exist(sid) {
+ return m.provider.Read(sid)
}
sid = m.sessionID()
@@ -284,10 +310,9 @@ func (m *Manager) Start(ctx *macaron.Context) (RawStore, error) {
// Read returns raw session store by session ID.
func (m *Manager) Read(sid string) (RawStore, error) {
- // No slashes or dots "./" should ever occur in the sid and to prevent session file forgery bug.
- // See https://github.com/gogs/gogs/issues/5469
- if strings.ContainsAny(sid, "./") {
- return nil, errors.New("invalid 'sid': " + sid)
+ // Ensure we're trying to read a valid session ID
+ if _, err := m.validSessionID(sid); err != nil {
+ return nil, err
}
return m.provider.Read(sid)
@@ -300,6 +325,10 @@ func (m *Manager) Destory(ctx *macaron.Context) error {
return nil
}
+ if _, err := m.validSessionID(sid); err != nil {
+ return err
+ }
+
if err := m.provider.Destory(sid); err != nil {
return err
}
@@ -318,11 +347,15 @@ func (m *Manager) Destory(ctx *macaron.Context) error {
func (m *Manager) RegenerateId(ctx *macaron.Context) (sess RawStore, err error) {
sid := m.sessionID()
oldsid := ctx.GetCookie(m.opt.CookieName)
+ _, err = m.validSessionID(oldsid)
+ if err != nil {
+ return nil, err
+ }
sess, err = m.provider.Regenerate(oldsid, sid)
if err != nil {
return nil, err
}
- ck := &http.Cookie{
+ cookie := &http.Cookie{
Name: m.opt.CookieName,
Value: sid,
Path: m.opt.CookiePath,
@@ -331,10 +364,10 @@ func (m *Manager) RegenerateId(ctx *macaron.Context) (sess RawStore, err error)
Domain: m.opt.Domain,
}
if m.opt.CookieLifeTime >= 0 {
- ck.MaxAge = m.opt.CookieLifeTime
+ cookie.MaxAge = m.opt.CookieLifeTime
}
- http.SetCookie(ctx.Resp, ck)
- ctx.Req.AddCookie(ck)
+ http.SetCookie(ctx.Resp, cookie)
+ ctx.Req.AddCookie(cookie)
return sess, nil
}
@@ -358,50 +391,3 @@ func (m *Manager) startGC() {
func (m *Manager) SetSecure(secure bool) {
m.opt.Secure = secure
}
-
-// ___________.____ _____ _________ ___ ___
-// \_ _____/| | / _ \ / _____// | \
-// | __) | | / /_\ \ \_____ \/ ~ \
-// | \ | |___/ | \/ \ Y /
-// \___ / |_______ \____|__ /_______ /\___|_ /
-// \/ \/ \/ \/ \/
-
-type Flash struct {
- ctx *macaron.Context
- url.Values
- ErrorMsg, WarningMsg, InfoMsg, SuccessMsg string
-}
-
-func (f *Flash) set(name, msg string, current ...bool) {
- isShow := false
- if (len(current) == 0 && macaron.FlashNow) ||
- (len(current) > 0 && current[0]) {
- isShow = true
- }
-
- if isShow {
- f.ctx.Data["Flash"] = f
- } else {
- f.Set(name, msg)
- }
-}
-
-func (f *Flash) Error(msg string, current ...bool) {
- f.ErrorMsg = msg
- f.set("error", msg, current...)
-}
-
-func (f *Flash) Warning(msg string, current ...bool) {
- f.WarningMsg = msg
- f.set("warning", msg, current...)
-}
-
-func (f *Flash) Info(msg string, current ...bool) {
- f.InfoMsg = msg
- f.set("info", msg, current...)
-}
-
-func (f *Flash) Success(msg string, current ...bool) {
- f.SuccessMsg = msg
- f.set("success", msg, current...)
-}
diff --git a/vendor/github.com/go-macaron/session/utils.go b/vendor/github.com/go-macaron/session/utils.go
index 07a1283df9..90ca38064b 100644
--- a/vendor/github.com/go-macaron/session/utils.go
+++ b/vendor/github.com/go-macaron/session/utils.go
@@ -50,11 +50,14 @@ func DecodeGob(encoded []byte) (out map[interface{}]interface{}, err error) {
return out, err
}
+// NOTE: A local copy in case of underlying package change
+var alphanum = []byte("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz")
+
// generateRandomKey creates a random key with the given strength.
func generateRandomKey(strength int) []byte {
k := make([]byte, strength)
if n, err := io.ReadFull(rand.Reader, k); n != strength || err != nil {
- return com.RandomCreateBytes(strength)
+ return com.RandomCreateBytes(strength, alphanum...)
}
return k
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-22 12:59:55 +0000