bagas/filekeeper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Redis support for session and user management

Browse Source
This commit is contained in:
Bagas Aulia Rezki
2024-09-08 00:03:43 +07:00
parent b9ac29d301
commit 2c5de2b336
26 changed files with 642 additions and 548 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/app.go
View File

@ -1,9 +1,9 @@
package app
import (
"github.com/fossyy/filekeeper/db"
"github.com/fossyy/filekeeper/email"
"github.com/fossyy/filekeeper/logger"
"github.com/fossyy/filekeeper/types"
"net/http"
)
@ -12,12 +12,14 @@ var Admin App
type App struct {
http.Server
Database db.Database
Database types.Database
Cache types.CachingServer
Service types.Services
Logger *logger.AggregatedLogger
Mail *email.SmtpServer
}
func NewClientServer(addr string, handler http.Handler, logger logger.AggregatedLogger, database db.Database, mail email.SmtpServer) App {
func NewClientServer(addr string, handler http.Handler, logger logger.AggregatedLogger, database types.Database, cache types.CachingServer, service types.Services, mail email.SmtpServer) App {
return App{
Server: http.Server{
Addr: addr,
@ -25,11 +27,13 @@ func NewClientServer(addr string, handler http.Handler, logger logger.Aggregated
},
Logger: &logger,
Database: database,
Cache: cache,
Service: service,
Mail: &mail,
}
}
func NewAdminServer(addr string, handler http.Handler, database db.Database) App {
func NewAdminServer(addr string, handler http.Handler, database types.Database) App {
return App{
Server: http.Server{
Addr: addr,

206
cache/cache.go vendored
View File

@ -1,177 +1,67 @@
package cache
import (
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/utils"
"github.com/google/uuid"
"sync"
"context"
"github.com/fossyy/filekeeper/types"
"github.com/redis/go-redis/v9"
"time"
)
type UserWithExpired struct {
UserID uuid.UUID
Username string
Email string
Password string
Totp string
AccessAt time.Time
mu sync.Mutex
type RedisServer struct {
client *redis.Client
database types.Database
}
type FileWithExpired struct {
ID uuid.UUID
OwnerID uuid.UUID
Name string
Size int64
Downloaded int64
UploadedByte int64
UploadedChunk int64
Done bool
AccessAt time.Time
mu sync.Mutex
func NewRedisServer(db types.Database) types.CachingServer {
client := redis.NewClient(&redis.Options{
Addr: "localhost:6379",
Password: "Password123",
DB: 0,
})
return &RedisServer{client: client, database: db}
}
var userCache map[string]*UserWithExpired
var fileCache map[string]*FileWithExpired
func (r *RedisServer) GetCache(ctx context.Context, key string) (string, error) {
val, err := r.client.Get(ctx, key).Result()
if err != nil {
return "", err
}
return val, nil
}
func init() {
func (r *RedisServer) SetCache(ctx context.Context, key string, value interface{}, expiration time.Duration) error {
err := r.client.Set(ctx, key, value, expiration).Err()
if err != nil {
return err
}
return nil
}
userCache = make(map[string]*UserWithExpired)
fileCache = make(map[string]*FileWithExpired)
ticker := time.NewTicker(time.Minute)
func (r *RedisServer) DeleteCache(ctx context.Context, key string) error {
err := r.client.Del(ctx, key).Err()
if err != nil {
return err
}
return nil
}
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [user] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
func (r *RedisServer) GetKeys(ctx context.Context, pattern string) ([]string, error) {
var cursor uint64
var keys []string
for {
var newKeys []string
var err error
for _, user := range userCache {
user.mu.Lock()
if currentTime.Sub(user.AccessAt) > time.Hour*8 {
delete(userCache, user.Email)
cacheClean++
}
user.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [user] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
newKeys, cursor, err = r.client.Scan(ctx, cursor, pattern, 0).Result()
if err != nil {
return nil, err
}
}()
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [files] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
keys = append(keys, newKeys...)
for _, file := range fileCache {
file.mu.Lock()
if currentTime.Sub(file.AccessAt) > time.Minute*1 {
app.Server.Database.UpdateUploadedByte(file.UploadedByte, file.ID.String())
app.Server.Database.UpdateUploadedChunk(file.UploadedChunk, file.ID.String())
delete(fileCache, file.ID.String())
cacheClean++
}
file.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [files] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
if cursor == 0 {
break
}
}()
}
return keys, nil
}
func GetUser(email string) (*UserWithExpired, error) {
if user, ok := userCache[email]; ok {
return user, nil
}
userData, err := app.Server.Database.GetUser(email)
if err != nil {
return nil, err
}
userCache[email] = &UserWithExpired{
UserID: userData.UserID,
Username: userData.Username,
Email: userData.Email,
Password: userData.Password,
Totp: userData.Totp,
AccessAt: time.Now(),
}
return userCache[email], nil
}
func DeleteUser(email string) {
userCache[email].mu.Lock()
defer userCache[email].mu.Unlock()
delete(userCache, email)
}
func GetFile(id string) (*FileWithExpired, error) {
if file, ok := fileCache[id]; ok {
file.AccessAt = time.Now()
return file, nil
}
uploadData, err := app.Server.Database.GetFile(id)
if err != nil {
return nil, err
}
fileCache[id] = &FileWithExpired{
ID: uploadData.ID,
OwnerID: uploadData.OwnerID,
Name: uploadData.Name,
Size: uploadData.Size,
Downloaded: uploadData.Downloaded,
UploadedByte: uploadData.UploadedByte,
UploadedChunk: uploadData.UploadedChunk,
Done: uploadData.Done,
AccessAt: time.Now(),
}
return fileCache[id], nil
}
func (file *FileWithExpired) UpdateProgress(index int64, size int64) {
file.UploadedChunk = index
file.UploadedByte = size
file.AccessAt = time.Now()
}
func GetUserFile(name, ownerID string) (*FileWithExpired, error) {
fileData, err := app.Server.Database.GetUserFile(name, ownerID)
if err != nil {
return nil, err
}
file, err := GetFile(fileData.ID.String())
if err != nil {
return nil, err
}
return file, nil
}
func (file *FileWithExpired) FinalizeFileUpload() {
app.Server.Database.UpdateUploadedByte(file.UploadedByte, file.ID.String())
app.Server.Database.UpdateUploadedChunk(file.UploadedChunk, file.ID.String())
app.Server.Database.FinalizeFileUpload(file.ID.String())
delete(fileCache, file.ID.String())
return
}
//func DeleteUploadInfo(id string) {
// filesUploadedCache[id].mu.Lock()
// defer filesUploadedCache[id].mu.Unlock()
//
// delete(filesUploadedCache, id)
//}

26
db/database.go
View File

@ -3,6 +3,7 @@ package db
import (
"errors"
"fmt"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/types/models"
"gorm.io/driver/mysql"
"gorm.io/driver/postgres"
@ -27,28 +28,7 @@ const (
EnableSSL SSLMode = "enable"
)
type Database interface {
IsUserRegistered(email string, username string) bool
IsEmailRegistered(email string) bool
CreateUser(user *models.User) error
GetUser(email string) (*models.User, error)
GetAllUsers() ([]models.User, error)
UpdateUserPassword(email string, password string) error
CreateFile(file *models.File) error
GetFile(fileID string) (*models.File, error)
GetUserFile(name string, ownerID string) (*models.File, error)
GetFiles(ownerID string) ([]*models.File, error)
UpdateUploadedByte(index int64, fileID string)
UpdateUploadedChunk(index int64, fileID string)
FinalizeFileUpload(fileID string)
InitializeTotp(email string, secret string) error
}
func NewMYSQLdb(username, password, host, port, dbName string) Database {
func NewMYSQLdb(username, password, host, port, dbName string) types.Database {
var err error
var count int64
@ -110,7 +90,7 @@ func NewMYSQLdb(username, password, host, port, dbName string) Database {
return &mySQLdb{DB}
}
func NewPostgresDB(username, password, host, port, dbName string, mode SSLMode) Database {
func NewPostgresDB(username, password, host, port, dbName string, mode SSLMode) types.Database {
var err error
var count int64

3
go.mod
View File

@ -19,6 +19,8 @@ require (
require (
filippo.io/edwards25519 v1.1.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/go-sql-driver/mysql v1.8.1 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
@ -29,6 +31,7 @@ require (
github.com/jinzhu/now v1.1.5 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/redis/go-redis/v9 v9.6.1 // indirect
github.com/shoenig/go-m1cpu v0.1.6 // indirect
github.com/tklauser/go-sysconf v0.3.12 // indirect
github.com/tklauser/numcpus v0.6.1 // indirect

6
go.sum
View File

@ -2,9 +2,13 @@ filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
github.com/a-h/templ v0.2.707 h1:T1Gkd2ugbRglZ9rYw/VBchWOSZVKmetDbBkm4YubM7U=
github.com/a-h/templ v0.2.707/go.mod h1:5cqsugkq9IerRNucNsI4DEamdHPsoGMQy99DzydLhM8=
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
@ -37,6 +41,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4=
github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA=
github.com/shirou/gopsutil/v3 v3.24.5 h1:i0t8kL+kQTvpAYToeuiVk3TgDeKOFioZO3Ztz/iZ9pI=
github.com/shirou/gopsutil/v3 v3.24.5/go.mod h1:bsoOS1aStSs9ErQ1WWfxllSeS1K5D+U30r2NfcubMVk=
github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=

70
handler/auth/google/callback/callback.go
View File

@ -6,15 +6,14 @@ import (
"errors"
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
googleOauthSetupHandler "github.com/fossyy/filekeeper/handler/auth/google/setup"
signinHandler "github.com/fossyy/filekeeper/handler/signin"
"github.com/fossyy/filekeeper/session"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/utils"
"github.com/redis/go-redis/v9"
"net/http"
"net/url"
"sync"
"time"
)
@ -46,49 +45,22 @@ type OauthUser struct {
VerifiedEmail bool `json:"verified_email"`
}
type CsrfToken struct {
Token string
CreateTime time.Time
mu sync.Mutex
}
var CsrfTokens map[string]*CsrfToken
func init() {
CsrfTokens = make(map[string]*CsrfToken)
ticker := time.NewTicker(time.Minute)
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [csrf_token] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
for _, data := range CsrfTokens {
data.mu.Lock()
if currentTime.Sub(data.CreateTime) > time.Minute*10 {
delete(CsrfTokens, data.Token)
cacheClean++
}
data.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [csrf_token] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
}
}()
}
func GET(w http.ResponseWriter, r *http.Request) {
if _, ok := CsrfTokens[r.URL.Query().Get("state")]; !ok {
//csrf token mismatch error
_, err := app.Server.Cache.GetCache(r.Context(), "CsrfTokens:"+r.URL.Query().Get("state"))
if err != nil {
if errors.Is(err, redis.Nil) {
w.WriteHeader(http.StatusUnauthorized)
return
}
w.WriteHeader(http.StatusInternalServerError)
return
}
delete(CsrfTokens, r.URL.Query().Get("state"))
err = app.Server.Cache.DeleteCache(r.Context(), "CsrfTokens:"+r.URL.Query().Get("state"))
if err != nil {
http.Redirect(w, r, fmt.Sprintf("/signin?error=%s", "csrf_token_error"), http.StatusFound)
return
}
if err := r.URL.Query().Get("error"); err != "" {
http.Redirect(w, r, fmt.Sprintf("/signin?error=%s", err), http.StatusFound)
@ -146,16 +118,23 @@ func GET(w http.ResponseWriter, r *http.Request) {
if !app.Server.Database.IsEmailRegistered(oauthUser.Email) {
code := utils.GenerateRandomString(64)
googleOauthSetupHandler.SetupUser[code] = &googleOauthSetupHandler.UnregisteredUser{
user := googleOauthSetupHandler.UnregisteredUser{
Code: code,
Email: oauthUser.Email,
CreateTime: time.Now(),
}
newGoogleSetupJSON, _ := json.Marshal(user)
err = app.Server.Cache.SetCache(r.Context(), "GoogleSetup:"+code, newGoogleSetupJSON, time.Minute*15)
if err != nil {
fmt.Println("Error setting up Google Setup:", err)
return
}
http.Redirect(w, r, fmt.Sprintf("/auth/google/setup/%s", code), http.StatusSeeOther)
return
}
user, err := cache.GetUser(oauthUser.Email)
user, err := app.Server.Service.GetUser(r.Context(), oauthUser.Email)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
@ -163,12 +142,15 @@ func GET(w http.ResponseWriter, r *http.Request) {
return
}
storeSession := session.Create()
storeSession.Values["user"] = types.User{
storeSession, err := session.Create(types.User{
UserID: user.UserID,
Email: oauthUser.Email,
Username: user.Username,
Authenticated: true,
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
userAgent := r.Header.Get("User-Agent")

18
handler/auth/google/google.go
View File

@ -1,17 +1,31 @@
package googleOauthHandler
import (
"encoding/json"
"fmt"
"github.com/fossyy/filekeeper/app"
googleOauthCallbackHandler "github.com/fossyy/filekeeper/handler/auth/google/callback"
"github.com/fossyy/filekeeper/utils"
"net/http"
"time"
)
type CsrfToken struct {
Token string
CreateTime time.Time
}
func GET(w http.ResponseWriter, r *http.Request) {
token, err := utils.GenerateCSRFToken()
googleOauthCallbackHandler.CsrfTokens[token] = &googleOauthCallbackHandler.CsrfToken{Token: token, CreateTime: time.Now()}
csrfToken := CsrfToken{
Token: token,
CreateTime: time.Now(),
}
newCsrfToken, err := json.Marshal(csrfToken)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
app.Server.Cache.SetCache(r.Context(), "CsrfTokens:"+token, newCsrfToken, time.Minute*15)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())

74
handler/auth/google/setup/setup.go
View File

@ -1,7 +1,8 @@
package googleOauthSetupHandler
import (
"fmt"
"encoding/json"
"errors"
"github.com/fossyy/filekeeper/app"
signinHandler "github.com/fossyy/filekeeper/handler/signin"
"github.com/fossyy/filekeeper/session"
@ -11,8 +12,8 @@ import (
"github.com/fossyy/filekeeper/view/client/auth"
signupView "github.com/fossyy/filekeeper/view/client/signup"
"github.com/google/uuid"
"github.com/redis/go-redis/v9"
"net/http"
"sync"
"time"
)
@ -20,50 +21,26 @@ type UnregisteredUser struct {
Code string
Email string
CreateTime time.Time
mu sync.Mutex
}
var SetupUser map[string]*UnregisteredUser
func init() {
SetupUser = make(map[string]*UnregisteredUser)
ticker := time.NewTicker(time.Minute)
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [GoogleSetup] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
for _, data := range SetupUser {
data.mu.Lock()
if currentTime.Sub(data.CreateTime) > time.Minute*10 {
delete(SetupUser, data.Code)
cacheClean++
}
data.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [GoogleSetup] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
}
}()
}
func GET(w http.ResponseWriter, r *http.Request) {
code := r.PathValue("code")
if _, ok := SetupUser[code]; !ok {
http.Redirect(w, r, "/signup", http.StatusSeeOther)
_, err := app.Server.Cache.GetCache(r.Context(), "GoogleSetup:"+code)
if err != nil {
if errors.Is(err, redis.Nil) {
http.Redirect(w, r, "/signup", http.StatusSeeOther)
return
}
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
return
}
component := authView.GoogleSetup("Filekeeper - Setup Page", types.Message{
Code: 3,
Message: "",
})
err := component.Render(r.Context(), w)
err = component.Render(r.Context(), w)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
@ -73,12 +50,22 @@ func GET(w http.ResponseWriter, r *http.Request) {
func POST(w http.ResponseWriter, r *http.Request) {
code := r.PathValue("code")
unregisteredUser, ok := SetupUser[code]
if !ok {
cache, err := app.Server.Cache.GetCache(r.Context(), "GoogleSetup:"+code)
if errors.Is(err, redis.Nil) {
http.Error(w, "Unauthorized Action", http.StatusUnauthorized)
return
}
err := r.ParseForm()
var unregisteredUser UnregisteredUser
err = json.Unmarshal([]byte(cache), &unregisteredUser)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
return
}
err = r.ParseForm()
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
@ -126,14 +113,15 @@ func POST(w http.ResponseWriter, r *http.Request) {
return
}
delete(SetupUser, code)
storeSession := session.Create()
storeSession.Values["user"] = types.User{
storeSession, err := session.Create(types.User{
UserID: userID,
Email: unregisteredUser.Email,
Username: username,
Authenticated: true,
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
userAgent := r.Header.Get("User-Agent")

12
handler/auth/totp/totp.go
View File

@ -38,14 +38,18 @@ func POST(w http.ResponseWriter, r *http.Request) {
if totp.Verify(code, time.Now().Unix()) {
storeSession, err := session.Get(key)
if err != nil {
return
}
storeSession.Values["user"] = types.User{
err = storeSession.Change(types.User{
UserID: user.UserID,
Email: user.Email,
Username: user.Username,
Authenticated: true,
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
if err != nil {
return
}
userAgent := r.Header.Get("User-Agent")
browserInfo, osInfo := ParseUserAgent(userAgent)

83
handler/forgotPassword/forgotPassword.go
View File

@ -3,13 +3,14 @@ package forgotPasswordHandler
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/view/client/email"
"github.com/fossyy/filekeeper/view/client/forgotPassword"
"github.com/google/uuid"
"github.com/redis/go-redis/v9"
"net/http"
"sync"
"time"
@ -27,35 +28,6 @@ type ForgotPassword struct {
CreateTime time.Time
}
var ListForgotPassword map[string]*ForgotPassword
var UserForgotPassword = make(map[string]string)
func init() {
ListForgotPassword = make(map[string]*ForgotPassword)
ticker := time.NewTicker(time.Minute)
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [Forgot Password] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
for _, data := range ListForgotPassword {
data.mu.Lock()
if currentTime.Sub(data.CreateTime) > time.Minute*10 {
delete(ListForgotPassword, data.User.Email)
delete(UserForgotPassword, data.Code)
cacheClean++
}
data.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [Forgot Password] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
}
}()
}
func GET(w http.ResponseWriter, r *http.Request) {
component := forgotPasswordView.Main("Filekeeper - Forgot Password Page", types.Message{
Code: 3,
@ -79,7 +51,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
emailForm := r.Form.Get("email")
user, err := cache.GetUser(emailForm)
user, err := app.Server.Service.GetUser(r.Context(), emailForm)
if errors.Is(err, gorm.ErrRecordNotFound) {
component := forgotPasswordView.Main("Filekeeper - Forgot Password Page", types.Message{
Code: 0,
@ -119,31 +91,48 @@ func POST(w http.ResponseWriter, r *http.Request) {
}
func verifyForgot(user *models.User) error {
var userData *ForgotPassword
var code string
var err error
code, err = app.Server.Cache.GetCache(context.Background(), "ForgotPasswordCode:"+user.Email)
if err != nil {
if errors.Is(err, redis.Nil) {
code = utils.GenerateRandomString(64)
userData = &ForgotPassword{
User: user,
Code: code,
CreateTime: time.Now(),
}
var buffer bytes.Buffer
data, ok := ListForgotPassword[user.Email]
if !ok {
code = utils.GenerateRandomString(64)
newForgotUser, err := json.Marshal(userData)
if err != nil {
return err
}
err = app.Server.Cache.SetCache(context.Background(), "ForgotPasswordCode:"+user.Email, code, time.Minute*15)
if err != nil {
return err
}
err = app.Server.Cache.SetCache(context.Background(), "ForgotPassword:"+userData.Code, newForgotUser, time.Minute*15)
if err != nil {
return err
}
} else {
return err
}
} else {
code = data.Code
storedCode, err := app.Server.Cache.GetCache(context.Background(), "ForgotPassword:"+code)
err = json.Unmarshal([]byte(storedCode), &userData)
if err != nil {
return err
}
}
err := emailView.ForgotPassword(user.Username, fmt.Sprintf("https://%s/forgot-password/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
var buffer bytes.Buffer
err = emailView.ForgotPassword(user.Username, fmt.Sprintf("https://%s/forgot-password/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
if err != nil {
return err
}
userData := &ForgotPassword{
User: user,
Code: code,
CreateTime: time.Now(),
}
UserForgotPassword[code] = user.Email
ListForgotPassword[user.Email] = userData
err = app.Server.Mail.Send(user.Email, "Password Change Request", buffer.String())
if err != nil {
return err

43
handler/forgotPassword/verify/verify.go
View File

@ -1,14 +1,16 @@
package forgotPasswordVerifyHandler
import (
"encoding/json"
"errors"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
forgotPasswordHandler "github.com/fossyy/filekeeper/handler/forgotPassword"
"github.com/fossyy/filekeeper/session"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/utils"
"github.com/fossyy/filekeeper/view/client/forgotPassword"
signupView "github.com/fossyy/filekeeper/view/client/signup"
"github.com/redis/go-redis/v9"
"net/http"
)
@ -21,11 +23,13 @@ func init() {
func GET(w http.ResponseWriter, r *http.Request) {
code := r.PathValue("code")
email := forgotPasswordHandler.UserForgotPassword[code]
_, ok := forgotPasswordHandler.ListForgotPassword[email]
if !ok {
w.WriteHeader(http.StatusNotFound)
_, err := app.Server.Cache.GetCache(r.Context(), "ForgotPassword:"+code)
if err != nil {
if errors.Is(err, redis.Nil) {
w.WriteHeader(http.StatusNotFound)
return
}
w.WriteHeader(http.StatusInternalServerError)
return
}
@ -33,7 +37,7 @@ func GET(w http.ResponseWriter, r *http.Request) {
Code: 3,
Message: "",
})
err := component.Render(r.Context(), w)
err = component.Render(r.Context(), w)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
@ -44,15 +48,20 @@ func GET(w http.ResponseWriter, r *http.Request) {
func POST(w http.ResponseWriter, r *http.Request) {
code := r.PathValue("code")
email := forgotPasswordHandler.UserForgotPassword[code]
data, ok := forgotPasswordHandler.ListForgotPassword[email]
if !ok {
data, err := app.Server.Cache.GetCache(r.Context(), "ForgotPassword:"+code)
if err != nil {
w.WriteHeader(http.StatusNotFound)
return
}
var userData *forgotPasswordHandler.ForgotPassword
err := r.ParseForm()
err = json.Unmarshal([]byte(data), &userData)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
err = r.ParseForm()
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
@ -82,19 +91,19 @@ func POST(w http.ResponseWriter, r *http.Request) {
return
}
err = app.Server.Database.UpdateUserPassword(data.User.Email, hashedPassword)
err = app.Server.Database.UpdateUserPassword(userData.User.Email, hashedPassword)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())
return
}
delete(forgotPasswordHandler.ListForgotPassword, data.User.Email)
delete(forgotPasswordHandler.UserForgotPassword, data.Code)
app.Server.Cache.DeleteCache(r.Context(), "ForgotPasswordCode:"+userData.User.Email)
app.Server.Cache.DeleteCache(r.Context(), "ForgotPassword:"+code)
session.RemoveAllSessions(data.User.Email)
session.RemoveAllSessions(userData.User.Email)
cache.DeleteUser(data.User.Email)
app.Server.Service.DeleteUser(userData.User.Email)
component := forgotPasswordView.ChangeSuccess("Filekeeper - Forgot Password Page")
err = component.Render(r.Context(), w)

3
handler/logout/logout.go
View File

@ -5,7 +5,6 @@ import (
"net/http"
"github.com/fossyy/filekeeper/session"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/utils"
)
@ -25,7 +24,7 @@ func GET(w http.ResponseWriter, r *http.Request) {
}
storeSession.Delete()
session.RemoveSessionInfo(storeSession.Values["user"].(types.User).Email, cookie.Value)
session.RemoveSessionInfo(storeSession.Values.Email, cookie.Value)
http.SetCookie(w, &http.Cookie{
Name: utils.Getenv("SESSION_NAME"),

21
handler/signin/signin.go
View File

@ -4,7 +4,6 @@ import (
"errors"
"github.com/a-h/templ"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/session"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/utils"
@ -37,8 +36,8 @@ func init() {
"login_required": "You need to log in again to proceed. Please try logging in again.",
"account_selection_required": "Please select an account to proceed with the request.",
"consent_required": "Consent is required to proceed. Please provide consent to continue.",
"csrf_token_error": "The CSRF token is missing or invalid. Please refresh the page and try again.",
}
}
func GET(w http.ResponseWriter, r *http.Request) {
@ -77,7 +76,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
}
email := r.Form.Get("email")
password := r.Form.Get("password")
userData, err := cache.GetUser(email)
userData, err := app.Server.Service.GetUser(r.Context(), email)
if err != nil {
component := signinView.Main("Filekeeper - Sign in Page", types.Message{
Code: 0,
@ -95,27 +94,33 @@ func POST(w http.ResponseWriter, r *http.Request) {
if email == userData.Email && utils.CheckPasswordHash(password, userData.Password) {
if userData.Totp != "" {
storeSession := session.Create()
storeSession.Values["user"] = types.User{
storeSession, err := session.Create(types.User{
UserID: userData.UserID,
Email: email,
Username: userData.Username,
Totp: userData.Totp,
Authenticated: false,
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
storeSession.Save(w)
http.Redirect(w, r, "/auth/totp", http.StatusSeeOther)
return
}
storeSession := session.Create()
storeSession.Values["user"] = types.User{
storeSession, err := session.Create(types.User{
UserID: userData.UserID,
Email: email,
Username: userData.Username,
Authenticated: true,
})
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
userAgent := r.Header.Get("User-Agent")
browserInfo, osInfo := ParseUserAgent(userAgent)

2
handler/signup/signup.go
View File

@ -5,6 +5,7 @@ import (
"context"
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/utils"
"github.com/fossyy/filekeeper/view/client/email"
signupView "github.com/fossyy/filekeeper/view/client/signup"
"net/http"
@ -13,7 +14,6 @@ import (
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/types/models"
"github.com/fossyy/filekeeper/utils"
"github.com/google/uuid"
)

3
handler/upload/initialisation/initialisation.go
View File

@ -4,7 +4,6 @@ import (
"encoding/json"
"errors"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"io"
"net/http"
"os"
@ -31,7 +30,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
return
}
fileData, err := cache.GetUserFile(fileInfo.Name, userSession.UserID.String())
fileData, err := app.Server.Service.GetUserFile(fileInfo.Name, userSession.UserID.String())
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
upload, err := handleNewUpload(userSession, fileInfo)

144
handler/upload/upload.go
View File

@ -1,15 +1,8 @@
package uploadHandler
import (
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/types"
filesView "github.com/fossyy/filekeeper/view/client/upload"
"io"
"net/http"
"os"
"path/filepath"
"strconv"
)
func GET(w http.ResponseWriter, r *http.Request) {
@ -21,73 +14,74 @@ func GET(w http.ResponseWriter, r *http.Request) {
}
func POST(w http.ResponseWriter, r *http.Request) {
fileID := r.PathValue("id")
if err := r.ParseMultipartForm(32 << 20); err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
userSession := r.Context().Value("user").(types.User)
uploadDir := "uploads"
if _, err := os.Stat(uploadDir); os.IsNotExist(err) {
if err := os.Mkdir(uploadDir, os.ModePerm); err != nil {
app.Server.Logger.Error("error getting upload info: " + err.Error())
w.WriteHeader(http.StatusInternalServerError)
return
}
}
file, err := cache.GetFile(fileID)
if err != nil {
app.Server.Logger.Error("error getting upload info: " + err.Error())
w.WriteHeader(http.StatusInternalServerError)
return
}
currentDir, _ := os.Getwd()
basePath := filepath.Join(currentDir, uploadDir)
saveFolder := filepath.Join(basePath, userSession.UserID.String(), file.ID.String())
if filepath.Dir(saveFolder) != filepath.Join(basePath, userSession.UserID.String()) {
app.Server.Logger.Error("invalid path")
w.WriteHeader(http.StatusInternalServerError)
return
}
fileByte, fileHeader, err := r.FormFile("chunk")
if err != nil {
app.Server.Logger.Error("error getting upload info: " + err.Error())
w.WriteHeader(http.StatusInternalServerError)
return
}
defer fileByte.Close()
rawIndex := r.FormValue("index")
index, err := strconv.Atoi(rawIndex)
if err != nil {
return
}
file.UpdateProgress(int64(index), file.UploadedByte+int64(fileHeader.Size))
dst, err := os.OpenFile(filepath.Join(saveFolder, file.Name), os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0666)
if err != nil {
app.Server.Logger.Error("error making upload folder: " + err.Error())
w.WriteHeader(http.StatusInternalServerError)
return
}
defer dst.Close()
if _, err := io.Copy(dst, fileByte); err != nil {
app.Server.Logger.Error("error copying byte to file dst: " + err.Error())
w.WriteHeader(http.StatusInternalServerError)
return
}
if file.UploadedByte >= file.Size {
file.FinalizeFileUpload()
return
}
return
//fileID := r.PathValue("id")
//if err := r.ParseMultipartForm(32 << 20); err != nil {
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//
//userSession := r.Context().Value("user").(types.User)
//
//uploadDir := "uploads"
//if _, err := os.Stat(uploadDir); os.IsNotExist(err) {
// if err := os.Mkdir(uploadDir, os.ModePerm); err != nil {
// app.Server.Logger.Error("error getting upload info: " + err.Error())
// w.WriteHeader(http.StatusInternalServerError)
// return
// }
//}
//
//file, err := app.Server.Service.GetFile(fileID)
//if err != nil {
// app.Server.Logger.Error("error getting upload info: " + err.Error())
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//
//currentDir, _ := os.Getwd()
//basePath := filepath.Join(currentDir, uploadDir)
//saveFolder := filepath.Join(basePath, userSession.UserID.String(), file.ID.String())
//
//if filepath.Dir(saveFolder) != filepath.Join(basePath, userSession.UserID.String()) {
// app.Server.Logger.Error("invalid path")
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//
//fileByte, fileHeader, err := r.FormFile("chunk")
//if err != nil {
// app.Server.Logger.Error("error getting upload info: " + err.Error())
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//defer fileByte.Close()
//
//rawIndex := r.FormValue("index")
//index, err := strconv.Atoi(rawIndex)
//if err != nil {
// return
//}
//
//file.UpdateProgress(int64(index), file.UploadedByte+int64(fileHeader.Size))
//
//dst, err := os.OpenFile(filepath.Join(saveFolder, file.Name), os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0666)
//if err != nil {
// app.Server.Logger.Error("error making upload folder: " + err.Error())
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//
//defer dst.Close()
//if _, err := io.Copy(dst, fileByte); err != nil {
// app.Server.Logger.Error("error copying byte to file dst: " + err.Error())
// w.WriteHeader(http.StatusInternalServerError)
// return
//}
//
//if file.UploadedByte >= file.Size {
// file.FinalizeFileUpload()
// return
//}
//return
}

5
handler/user/ResetPassword/ResetPassword.go
View File

@ -2,7 +2,6 @@ package userHandlerResetPassword
import (
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/session"
"github.com/fossyy/filekeeper/types"
"github.com/fossyy/filekeeper/utils"
@ -14,7 +13,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
userSession := r.Context().Value("user").(types.User)
currentPassword := r.Form.Get("currentPassword")
password := r.Form.Get("password")
user, err := cache.GetUser(userSession.Email)
user, err := app.Server.Service.GetUser(r.Context(), userSession.Email)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
@ -38,7 +37,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
}
session.RemoveAllSessions(userSession.Email)
cache.DeleteUser(userSession.Email)
app.Server.Service.DeleteUser(userSession.Email)
http.Redirect(w, r, "/signin", http.StatusSeeOther)
return

12
handler/user/session/terminate/terminate.go
View File

@ -11,15 +11,21 @@ func DELETE(w http.ResponseWriter, r *http.Request) {
_, mySession, _ := session.GetSession(r)
otherSession, _ := session.Get(id)
if session.GetSessionInfo(mySession.Email, otherSession.ID) == nil {
if _, err := session.GetSessionInfo(mySession.Email, otherSession.ID); err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
otherSession.Delete()
session.RemoveSessionInfo(mySession.Email, otherSession.ID)
component := userView.SessionTable(session.GetSessions(mySession.Email))
sessions, err := session.GetSessions(mySession.Email)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
component := userView.SessionTable(sessions)
err := component.Render(r.Context(), w)
err = component.Render(r.Context(), w)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return

3
handler/user/totp/setup.go
View File

@ -5,7 +5,6 @@ import (
"encoding/base64"
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/view/client/user/totp"
"image/png"
"net/http"
@ -75,7 +74,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusInternalServerError)
return
}
cache.DeleteUser(userSession.Email)
app.Server.Service.DeleteUser(userSession.Email)
component := userTotpSetupView.Main("Filekeeper - 2FA Setup Page", base64Str, secret, userSession, types.Message{
Code: 1,
Message: "Your TOTP setup is complete! Your account is now more secure.",

12
handler/user/user.go
View File

@ -17,24 +17,28 @@ var errorMessages = map[string]string{
func GET(w http.ResponseWriter, r *http.Request) {
var component templ.Component
userSession := r.Context().Value("user").(types.User)
sessions, err := session.GetSessions(userSession.Email)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
if err := r.URL.Query().Get("error"); err != "" {
message, ok := errorMessages[err]
if !ok {
message = "Unknown error occurred. Please contact support at bagas@fossy.my.id for assistance."
}
component = userView.Main("Filekeeper - User Page", userSession, session.GetSessions(userSession.Email), types.Message{
component = userView.Main("Filekeeper - User Page", userSession, sessions, types.Message{
Code: 0,
Message: message,
})
} else {
component = userView.Main("Filekeeper - User Page", userSession, session.GetSessions(userSession.Email), types.Message{
component = userView.Main("Filekeeper - User Page", userSession, sessions, types.Message{
Code: 1,
Message: "",
})
}
err := component.Render(r.Context(), w)
err = component.Render(r.Context(), w)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
app.Server.Logger.Error(err.Error())

6
main.go
View File

@ -3,12 +3,14 @@ package main
import (
"fmt"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/cache"
"github.com/fossyy/filekeeper/db"
"github.com/fossyy/filekeeper/email"
"github.com/fossyy/filekeeper/logger"
"github.com/fossyy/filekeeper/middleware"
"github.com/fossyy/filekeeper/routes/admin"
"github.com/fossyy/filekeeper/routes/client"
"github.com/fossyy/filekeeper/service"
"github.com/fossyy/filekeeper/utils"
"strconv"
)
@ -24,11 +26,13 @@ func main() {
dbName := utils.Getenv("DB_NAME")
database := db.NewPostgresDB(dbUser, dbPass, dbHost, dbPort, dbName, db.DisableSSL)
cacheServer := cache.NewRedisServer(database)
services := service.NewService(database, cacheServer)
smtpPort, _ := strconv.Atoi(utils.Getenv("SMTP_PORT"))
mailServer := email.NewSmtpServer(utils.Getenv("SMTP_HOST"), smtpPort, utils.Getenv("SMTP_USER"), utils.Getenv("SMTP_PASSWORD"))
app.Server = app.NewClientServer(clientAddr, middleware.Handler(client.SetupRoutes()), *logger.Logger(), database, mailServer)
app.Server = app.NewClientServer(clientAddr, middleware.Handler(client.SetupRoutes()), *logger.Logger(), database, cacheServer, services, mailServer)
app.Admin = app.NewAdminServer(adminAddr, middleware.Handler(admin.SetupRoutes()), database)
go func() {

5
middleware/middleware.go
View File

@ -81,13 +81,10 @@ func Handler(next http.Handler) http.Handler {
}
func Auth(next http.HandlerFunc, w http.ResponseWriter, r *http.Request) {
status, user, sessionID := session.GetSession(r)
status, user, _ := session.GetSession(r)
switch status {
case session.Authorized:
userSession := session.GetSessionInfo(user.Email, sessionID)
userSession.UpdateAccessTime()
ctx := context.WithValue(r.Context(), "user", user)
req := r.WithContext(ctx)
r.Context().Value("user")

120
service/service.go Normal file
View File

@ -0,0 +1,120 @@
package service
import (
"context"
"encoding/json"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/types"
"github.com/redis/go-redis/v9"
"time"
)
type Service struct {
db types.Database
cache types.CachingServer
}
func NewService(db types.Database, cache types.CachingServer) *Service {
return &Service{
db: db,
cache: cache,
}
}
func (r *Service) GetUser(ctx context.Context, email string) (*types.UserWithExpired, error) {
userJSON, err := app.Server.Cache.GetCache(ctx, "UserCache:"+email)
if err == redis.Nil {
userData, err := r.db.GetUser(email)
if err != nil {
return nil, err
}
user := &types.UserWithExpired{
UserID: userData.UserID,
Username: userData.Username,
Email: userData.Email,
Password: userData.Password,
Totp: userData.Totp,
AccessAt: time.Now(),
}
newUserJSON, _ := json.Marshal(user)
err = r.cache.SetCache(ctx, email, newUserJSON, time.Hour*24)
if err != nil {
return nil, err
}
return user, nil
}
if err != nil {
return nil, err
}
var user types.UserWithExpired
err = json.Unmarshal([]byte(userJSON), &user)
if err != nil {
return nil, err
}
return &user, nil
}
func (r *Service) DeleteUser(email string) {
err := r.cache.DeleteCache(context.Background(), "UserCache:"+email)
if err != nil {
return
}
}
func (r *Service) GetFile(id string) (*types.FileWithExpired, error) {
fileJSON, err := r.cache.GetCache(context.Background(), "FileCache:"+id)
if err == redis.Nil {
uploadData, err := r.db.GetFile(id)
if err != nil {
return nil, err
}
fileCache := &types.FileWithExpired{
ID: uploadData.ID,
OwnerID: uploadData.OwnerID,
Name: uploadData.Name,
Size: uploadData.Size,
Downloaded: uploadData.Downloaded,
UploadedByte: uploadData.UploadedByte,
UploadedChunk: uploadData.UploadedChunk,
Done: uploadData.Done,
AccessAt: time.Now(),
}
newFileJSON, _ := json.Marshal(fileCache)
err = r.cache.SetCache(context.Background(), "FileCache:"+id, newFileJSON, time.Hour*24)
if err != nil {
return nil, err
}
return fileCache, nil
}
if err != nil {
return nil, err
}
var fileCache types.FileWithExpired
err = json.Unmarshal([]byte(fileJSON), &fileCache)
if err != nil {
return nil, err
}
return &fileCache, nil
}
func (r *Service) GetUserFile(name, ownerID string) (*types.FileWithExpired, error) {
fileData, err := r.db.GetUserFile(name, ownerID)
if err != nil {
return nil, err
}
file, err := r.GetFile(fileData.ID.String())
if err != nil {
return nil, err
}
return file, nil
}

234
session/session.go
View File

@ -1,12 +1,15 @@
package session
import (
"fmt"
"context"
"encoding/json"
"errors"
"github.com/fossyy/filekeeper/app"
"github.com/fossyy/filekeeper/types"
"github.com/redis/go-redis/v9"
"net/http"
"strconv"
"sync"
"strings"
"time"
"github.com/fossyy/filekeeper/utils"
@ -14,9 +17,8 @@ import (
type Session struct {
ID string
Values map[string]interface{}
Values types.User
CreateTime time.Time
mu sync.Mutex
}
type SessionInfo struct {
@ -27,7 +29,6 @@ type SessionInfo struct {
OSVersion string
IP string
Location string
AccessAt string
}
type UserStatus string
@ -39,61 +40,65 @@ const (
InvalidSession UserStatus = "invalid_session"
)
var GlobalSessionStore = make(map[string]*Session)
var UserSessionInfoList = make(map[string]map[string]*SessionInfo)
func init() {
ticker := time.NewTicker(time.Minute)
go func() {
for {
<-ticker.C
currentTime := time.Now()
cacheClean := 0
cleanID := utils.GenerateRandomString(10)
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [Session] [%s] initiated at %02d:%02d:%02d", cleanID, currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
for _, data := range GlobalSessionStore {
data.mu.Lock()
if currentTime.Sub(data.CreateTime) > time.Hour*24*7 {
RemoveSessionInfo(data.Values["user"].(types.User).Email, data.ID)
delete(GlobalSessionStore, data.ID)
cacheClean++
}
data.mu.Unlock()
}
app.Server.Logger.Info(fmt.Sprintf("Cache cleanup [Session] [%s] completed: %d entries removed. Finished at %s", cleanID, cacheClean, time.Since(currentTime)))
}
}()
}
func (e *SessionNotFoundError) Error() string {
return "session not found"
}
func Get(id string) (*Session, error) {
if session, ok := GlobalSessionStore[id]; ok {
return session, nil
session, err := app.Server.Cache.GetCache(context.Background(), "Session:"+id)
if err != nil {
if errors.Is(err, redis.Nil) {
return nil, &SessionNotFoundError{}
}
return nil, err
}
return nil, &SessionNotFoundError{}
var userSession Session
err = json.Unmarshal([]byte(session), &userSession)
if err != nil {
return nil, err
}
return &userSession, nil
}
func Create() *Session {
func Create(values types.User) (*Session, error) {
id := utils.GenerateRandomString(128)
session := &Session{
ID: id,
CreateTime: time.Now(),
Values: make(map[string]interface{}),
Values: values,
}
GlobalSessionStore[id] = session
return session
sessionData, err := json.Marshal(session)
if err != nil {
return nil, err
}
err = app.Server.Cache.SetCache(context.Background(), "Session:"+id, string(sessionData), time.Hour*24) // Set expiration time as needed
if err != nil {
return nil, err
}
return session, nil
}
func (s *Session) Delete() {
s.mu.Lock()
defer s.mu.Unlock()
delete(GlobalSessionStore, s.ID)
func (s *Session) Change(user types.User) error {
newSessionValue, err := json.Marshal(user)
if err != nil {
return err
}
err = app.Server.Cache.SetCache(context.Background(), "Session:"+s.ID, newSessionValue, time.Hour*24*7)
if err != nil {
return err
}
return nil
}
func (s *Session) Delete() error {
err := app.Server.Cache.DeleteCache(context.Background(), "Session:"+s.ID)
if err != nil {
return err
}
return nil
}
func (s *Session) Save(w http.ResponseWriter) {
@ -114,46 +119,71 @@ func (s *Session) Destroy(w http.ResponseWriter) {
})
}
func AddSessionInfo(email string, sessionInfo *SessionInfo) {
if _, ok := UserSessionInfoList[email]; !ok {
UserSessionInfoList[email] = make(map[string]*SessionInfo)
func AddSessionInfo(email string, sessionInfo *SessionInfo) error {
sessionInfoData, err := json.Marshal(sessionInfo)
if err != nil {
return err
}
UserSessionInfoList[email][sessionInfo.SessionID] = sessionInfo
}
func RemoveSessionInfo(email string, id string) {
if userSessions, ok := UserSessionInfoList[email]; ok {
if _, ok := userSessions[id]; ok {
delete(userSessions, id)
if len(userSessions) == 0 {
delete(UserSessionInfoList, email)
}
}
err = app.Server.Cache.SetCache(context.Background(), "UserSessionInfo:"+email+":"+sessionInfo.SessionID, string(sessionInfoData), 0)
if err != nil {
return err
}
return nil
}
func RemoveAllSessions(email string) {
sessionInfos := UserSessionInfoList[email]
for _, sessionInfo := range sessionInfos {
delete(GlobalSessionStore, sessionInfo.SessionID)
}
delete(UserSessionInfoList, email)
}
func GetSessionInfo(email string, id string) *SessionInfo {
if userSession, ok := UserSessionInfoList[email]; ok {
if sessionInfo, ok := userSession[id]; ok {
return sessionInfo
}
func RemoveSessionInfo(email string, id string) error {
key := "UserSessionInfo:" + email + ":" + id
err := app.Server.Cache.DeleteCache(context.Background(), key)
if err != nil {
return err
}
return nil
}
func (sessionInfo *SessionInfo) UpdateAccessTime() {
currentTime := time.Now()
formattedTime := currentTime.Format("01-02-2006")
sessionInfo.AccessAt = formattedTime
func RemoveAllSessions(email string) error {
pattern := "UserSessionInfo:" + email + ":*"
keys, err := app.Server.Cache.GetKeys(context.Background(), pattern)
if err != nil {
return err
}
for _, key := range keys {
parts := strings.Split(key, ":")
sessionID := parts[2]
err = app.Server.Cache.DeleteCache(context.Background(), "Session:"+sessionID)
if err != nil {
return err
}
err = app.Server.Cache.DeleteCache(context.Background(), key)
if err != nil {
return err
}
}
return nil
}
func GetSessionInfo(email string, id string) (*SessionInfo, error) {
key := "UserSessionInfo:" + email + ":" + id
sessionInfoData, err := app.Server.Cache.GetCache(context.Background(), key)
if err != nil {
if errors.Is(err, redis.Nil) {
return nil, nil
}
return nil, err
}
var sessionInfo SessionInfo
err = json.Unmarshal([]byte(sessionInfoData), &sessionInfo)
if err != nil {
return nil, err
}
return &sessionInfo, nil
}
func GetSession(r *http.Request) (UserStatus, types.User, string) {
@ -162,18 +192,22 @@ func GetSession(r *http.Request) (UserStatus, types.User, string) {
return Unauthorized, types.User{}, ""
}
storeSession, ok := GlobalSessionStore[cookie.Value]
if !ok {
return InvalidSession, types.User{}, ""
}
val := storeSession.Values["user"]
var userSession = types.User{}
userSession, ok = val.(types.User)
if !ok {
sessionData, err := app.Server.Cache.GetCache(context.Background(), "Session:"+cookie.Value)
if err != nil {
if errors.Is(err, redis.Nil) {
return InvalidSession, types.User{}, ""
}
return Unauthorized, types.User{}, ""
}
var storeSession Session
err = json.Unmarshal([]byte(sessionData), &storeSession)
if err != nil {
return Unauthorized, types.User{}, ""
}
userSession := storeSession.Values
if !userSession.Authenticated && userSession.Totp != "" {
return Unauthorized, userSession, cookie.Value
}
@ -185,13 +219,27 @@ func GetSession(r *http.Request) (UserStatus, types.User, string) {
return Authorized, userSession, cookie.Value
}
func GetSessions(email string) []*SessionInfo {
if sessions, ok := UserSessionInfoList[email]; ok {
result := make([]*SessionInfo, 0, len(sessions))
for _, sessionInfo := range sessions {
result = append(result, sessionInfo)
}
return result
func GetSessions(email string) ([]*SessionInfo, error) {
pattern := "UserSessionInfo:" + email + ":*"
keys, err := app.Server.Cache.GetKeys(context.Background(), pattern)
if err != nil {
return nil, err
}
return nil
var sessions []*SessionInfo
for _, key := range keys {
sessionData, err := app.Server.Cache.GetCache(context.Background(), key)
if err != nil {
return nil, err
}
var sessionInfo SessionInfo
err = json.Unmarshal([]byte(sessionData), &sessionInfo)
if err != nil {
return nil, err
}
sessions = append(sessions, &sessionInfo)
}
return sessions, nil
}

59
types/types.go
View File

@ -1,7 +1,10 @@
package types
import (
"context"
"github.com/fossyy/filekeeper/types/models"
"github.com/google/uuid"
"time"
)
type Message struct {
@ -29,3 +32,59 @@ type FileData struct {
Size string
Downloaded int64
}
type UserWithExpired struct {
UserID uuid.UUID
Username string
Email string
Password string
Totp string
AccessAt time.Time
}
type FileWithExpired struct {
ID uuid.UUID
OwnerID uuid.UUID
Name string
Size int64
Downloaded int64
UploadedByte int64
UploadedChunk int64
Done bool
AccessAt time.Time
}
type Database interface {
IsUserRegistered(email string, username string) bool
IsEmailRegistered(email string) bool
CreateUser(user *models.User) error
GetUser(email string) (*models.User, error)
GetAllUsers() ([]models.User, error)
UpdateUserPassword(email string, password string) error
CreateFile(file *models.File) error
GetFile(fileID string) (*models.File, error)
GetUserFile(name string, ownerID string) (*models.File, error)
GetFiles(ownerID string) ([]*models.File, error)
UpdateUploadedByte(index int64, fileID string)
UpdateUploadedChunk(index int64, fileID string)
FinalizeFileUpload(fileID string)
InitializeTotp(email string, secret string) error
}
type CachingServer interface {
GetCache(ctx context.Context, key string) (string, error)
SetCache(ctx context.Context, key string, value interface{}, expiration time.Duration) error
DeleteCache(ctx context.Context, key string) error
GetKeys(ctx context.Context, pattern string) ([]string, error)
}
type Services interface {
GetUser(ctx context.Context, email string) (*UserWithExpired, error)
DeleteUser(email string)
GetFile(id string) (*FileWithExpired, error)
GetUserFile(name, ownerID string) (*FileWithExpired, error)
}

8
view/client/user/user.templ
View File

@ -99,10 +99,6 @@ templ content(message types.Message, title string, user types.User, ListSession
class="h-12 px-4 text-left align-middle font-medium text-muted-foreground [&amp;:has([role=checkbox])]:pr-0">
Device
</th>
<th
class="h-12 px-4 text-left align-middle font-medium text-muted-foreground [&amp;:has([role=checkbox])]:pr-0">
Last Activity
</th>
<th
class="h-12 px-4 text-left align-middle font-medium text-muted-foreground [&amp;:has([role=checkbox])]:pr-0">
Actions
@ -119,8 +115,6 @@ templ content(message types.Message, title string, user types.User, ListSession
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">{ses.OS + ses.OSVersion}
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">{ses.AccessAt}
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">
<button
class="hover:bg-gray-200 inline-flex items-center justify-center whitespace-nowrap rounded-md text-sm font-medium ring-offset-background transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 border border-input bg-background hover:bg-accent hover:text-accent-foreground h-10 px-4 py-2"
@ -323,8 +317,6 @@ templ SessionTable(ListSession []*session.SessionInfo){
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">{ses.OS + ses.OSVersion}
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">{ses.AccessAt}
</td>
<td class="p-4 align-middle [&amp;:has([role=checkbox])]:pr-0">
<button
class="hover:bg-gray-200 inline-flex items-center justify-center whitespace-nowrap rounded-md text-sm font-medium ring-offset-background transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 border border-input bg-background hover:bg-accent hover:text-accent-foreground h-10 px-4 py-2"