Fix session retrieval issue after migrating to Redis cache
This commit is contained in:
@ -37,8 +37,8 @@ func POST(w http.ResponseWriter, r *http.Request) {
|
||||
totp := gotp.NewDefaultTOTP(user.Totp)
|
||||
|
||||
if totp.Verify(code, time.Now().Unix()) {
|
||||
storeSession, err := session.Get(key)
|
||||
err = storeSession.Change(types.User{
|
||||
storeSession := session.Get(key)
|
||||
err := storeSession.Change(types.User{
|
||||
UserID: user.UserID,
|
||||
Email: user.Email,
|
||||
Username: user.Username,
|
||||
|
||||
@ -2,6 +2,7 @@ package logoutHandler
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"github.com/fossyy/filekeeper/types"
|
||||
"net/http"
|
||||
|
||||
"github.com/fossyy/filekeeper/session"
|
||||
@ -9,12 +10,12 @@ import (
|
||||
)
|
||||
|
||||
func GET(w http.ResponseWriter, r *http.Request) {
|
||||
userSession := r.Context().Value("user").(types.User)
|
||||
cookie, err := r.Cookie("Session")
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
storeSession, err := session.Get(cookie.Value)
|
||||
storeSession := session.Get(cookie.Value)
|
||||
if err != nil {
|
||||
if errors.Is(err, &session.SessionNotFoundError{}) {
|
||||
storeSession.Destroy(w)
|
||||
@ -23,8 +24,16 @@ func GET(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
storeSession.Delete()
|
||||
session.RemoveSessionInfo(storeSession.Values.Email, cookie.Value)
|
||||
err = storeSession.Delete()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
return
|
||||
}
|
||||
err = session.RemoveSessionInfo(userSession.Email, cookie.Value)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
return
|
||||
}
|
||||
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: utils.Getenv("SESSION_NAME"),
|
||||
|
||||
@ -10,7 +10,7 @@ func DELETE(w http.ResponseWriter, r *http.Request) {
|
||||
id := r.PathValue("id")
|
||||
|
||||
_, mySession, _ := session.GetSession(r)
|
||||
otherSession, _ := session.Get(id)
|
||||
otherSession := session.Get(id)
|
||||
if _, err := session.GetSessionInfo(mySession.Email, otherSession.ID); err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
CREATE TABLE IF NOT EXISTS users (user_id VARCHAR(255) PRIMARY KEY NOT NULL,username VARCHAR(255) UNIQUE NOT NULL,email VARCHAR(255) UNIQUE NOT NULL,password TEXT NOT NULL,totp VARCHAR(255) DEFAULT NULL);
|
||||
CREATE TABLE IF NOT EXISTS files (id VARCHAR(255) PRIMARY KEY NOT NULL,owner_id VARCHAR(255) NOT NULL,name TEXT NOT NULL,size BIGINT NOT NULL,downloaded BIGINT NOT NULL,uploaded_byte BIGINT NOT NULL DEFAULT 0, uploaded_chunk BIGINT NOT NULL DEFAULT -1,done BOOLEAN NOT NULL DEFAULT FALSE,FOREIGN KEY (owner_id) REFERENCES users(user_id));
|
||||
CREATE TABLE IF NOT EXISTS users (user_id UUID PRIMARY KEY NOT NULL, username VARCHAR(255) UNIQUE NOT NULL, email VARCHAR(255) UNIQUE NOT NULL, password TEXT NOT NULL, totp VARCHAR(255) NOT NULL);
|
||||
CREATE TABLE IF NOT EXISTS files (id UUID PRIMARY KEY NOT NULL, owner_id UUID NOT NULL, name TEXT NOT NULL, size BIGINT NOT NULL, total_chunk BIGINT NOT NULL, downloaded BIGINT NOT NULL DEFAULT 0, FOREIGN KEY (owner_id) REFERENCES users(user_id));
|
||||
|
||||
@ -16,9 +16,7 @@ import (
|
||||
)
|
||||
|
||||
type Session struct {
|
||||
ID string
|
||||
Values types.User
|
||||
CreateTime time.Time
|
||||
ID string
|
||||
}
|
||||
|
||||
type SessionInfo struct {
|
||||
@ -44,41 +42,24 @@ func (e *SessionNotFoundError) Error() string {
|
||||
return "session not found"
|
||||
}
|
||||
|
||||
func Get(id string) (*Session, error) {
|
||||
session, err := app.Server.Cache.GetCache(context.Background(), "Session:"+id)
|
||||
if err != nil {
|
||||
if errors.Is(err, redis.Nil) {
|
||||
return nil, &SessionNotFoundError{}
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
var userSession Session
|
||||
err = json.Unmarshal([]byte(session), &userSession)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &userSession, nil
|
||||
func Get(id string) *Session {
|
||||
return &Session{ID: id}
|
||||
}
|
||||
|
||||
func Create(values types.User) (*Session, error) {
|
||||
id := utils.GenerateRandomString(128)
|
||||
session := &Session{
|
||||
ID: id,
|
||||
CreateTime: time.Now(),
|
||||
Values: values,
|
||||
}
|
||||
|
||||
sessionData, err := json.Marshal(session)
|
||||
sessionData, err := json.Marshal(values)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = app.Server.Cache.SetCache(context.Background(), "Session:"+id, string(sessionData), time.Hour*24) // Set expiration time as needed
|
||||
err = app.Server.Cache.SetCache(context.Background(), "Session:"+id, string(sessionData), time.Hour*24)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return session, nil
|
||||
return &Session{ID: id}, nil
|
||||
}
|
||||
|
||||
func (s *Session) Change(user types.User) error {
|
||||
@ -200,23 +181,21 @@ func GetSession(r *http.Request) (UserStatus, types.User, string) {
|
||||
return Unauthorized, types.User{}, ""
|
||||
}
|
||||
|
||||
var storeSession Session
|
||||
var storeSession types.User
|
||||
err = json.Unmarshal([]byte(sessionData), &storeSession)
|
||||
|
||||
if err != nil {
|
||||
return Unauthorized, types.User{}, ""
|
||||
}
|
||||
|
||||
userSession := storeSession.Values
|
||||
|
||||
if !userSession.Authenticated && userSession.Totp != "" {
|
||||
return Unauthorized, userSession, cookie.Value
|
||||
if !storeSession.Authenticated && storeSession.Totp != "" {
|
||||
return Unauthorized, storeSession, cookie.Value
|
||||
}
|
||||
|
||||
if !userSession.Authenticated {
|
||||
if !storeSession.Authenticated {
|
||||
return Unauthorized, types.User{}, ""
|
||||
}
|
||||
|
||||
return Authorized, userSession, cookie.Value
|
||||
return Authorized, storeSession, cookie.Value
|
||||
}
|
||||
|
||||
func GetSessions(email string) ([]*SessionInfo, error) {
|
||||
|
||||
Reference in New Issue
Block a user