update session

tokarchuk/v1.17
slene 11 years ago
parent 0d1872ebe3
commit f9c07c4186
  1. 1
      .gitignore
  2. 27
      conf/app.ini
  3. 11
      modules/auth/user.go
  4. 30
      modules/base/conf.go
  5. 16
      modules/middleware/context.go
  6. 2
      routers/user/user.go
  7. 5
      web.go

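--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@ gogs
 *.db
 *.log
 custom/
+data/
 .vendor/
 .idea/
 *.iml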

@ -72,6 +72,33 @@ INTERVAL = 60
; memcache: "127.0.0.1:11211" ; memcache: "127.0.0.1:11211"
HOST = HOST =
[session]
; Either "memory", "file", "redis" or "mysql", default is "memory"
PROVIDER = file
; provider config
; memory: not have any config yet
; file: session file path
; e.g. tmp/sessions
; redis: config like redis server addr,poolSize,password
; e.g. 127.0.0.1:6379,100,astaxie
; mysql: go-sql-driver/mysql dsn config string
; e.g. root:password@/session_table
PROVIDER_CONFIG = data/sessions
; session cookie name
COOKIE_NAME = i_like_gogits
; if you use session in https only, default is false
COOKIE_SECURE = false
; enable set cookie, default is true
ENABLE_SET_COOKIE = true
; session gc time interval, default is 86400
GC_INTERVAL_TIME = 86400
; session life time, default is 86400
SESSION_LIFE_TIME = 86400
; session id hash func, default is sha1
SESSION_ID_HASHFUNC = sha1
; session hash key, default is use random string
SESSION_ID_HASHKEY =
[picture] [picture]
; The place to picture data, either "server" or "qiniu", default is "server" ; The place to picture data, either "server" or "qiniu", default is "server"
SERVICE = server SERVICE = server
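Review bot: The new `[session]` block ships `COOKIE_SECURE = false` with a comment that does not say what the flag protects; on an HTTPS deployment the session cookie should carry the Secure attribute so it is never sent over plain HTTP. I would reword the comment to `; set to true when the site is served over HTTPS so the session cookie is only sent over TLS, default is false`. The redis and mysql examples for `PROVIDER_CONFIG` embed a password in the value, so a line such as `; keep this file readable only by the service account when PROVIDER_CONFIG holds credentials` would help operators. `SESSION_ID_HASHKEY` is left empty here; the comment says a random string is used in that case, which is worth confirming against the session library because that code is not on this page.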

@ -9,7 +9,8 @@ import (
"reflect" "reflect"
"github.com/codegangsta/martini" "github.com/codegangsta/martini"
"github.com/martini-contrib/sessions"
"github.com/gogits/session"
"github.com/gogits/binding" "github.com/gogits/binding"
@ -19,7 +20,7 @@ import (
) )
// SignedInId returns the id of signed in user. // SignedInId returns the id of signed in user.
func SignedInId(session sessions.Session) int64 { func SignedInId(session session.SessionStore) int64 {
userId := session.Get("userId") userId := session.Get("userId")
if userId == nil { if userId == nil {
return 0 return 0
@ -34,7 +35,7 @@ func SignedInId(session sessions.Session) int64 {
} }
// SignedInName returns the name of signed in user. // SignedInName returns the name of signed in user.
func SignedInName(session sessions.Session) string { func SignedInName(session session.SessionStore) string {
userName := session.Get("userName") userName := session.Get("userName")
if userName == nil { if userName == nil {
return "" return ""
@ -46,7 +47,7 @@ func SignedInName(session sessions.Session) string {
} }
// SignedInUser returns the user object of signed user. // SignedInUser returns the user object of signed user.
func SignedInUser(session sessions.Session) *models.User { func SignedInUser(session session.SessionStore) *models.User {
id := SignedInId(session) id := SignedInId(session)
if id <= 0 { if id <= 0 {
return nil return nil
@ -61,7 +62,7 @@ func SignedInUser(session sessions.Session) *models.User {
} }
// IsSignedIn check if any user has signed in. // IsSignedIn check if any user has signed in.
func IsSignedIn(session sessions.Session) bool { func IsSignedIn(session session.SessionStore) bool {
return SignedInId(session) > 0 return SignedInId(session) > 0
} }
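Review bot: In all four changed signatures (`SignedInId`, `SignedInName`, `SignedInUser`, `IsSignedIn`) the parameter is still named `session`, which now shadows the newly imported `session` package inside each body. It compiles, but any later reference to the package from these functions would resolve to the parameter instead; renaming it, e.g. `func SignedInId(sess session.SessionStore) int64 {`, avoids that. The bodies of the first three functions continue outside their hunks, so the uses of the parameter there would need the same rename.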

@ -16,6 +16,7 @@ import (
"github.com/Unknwon/goconfig" "github.com/Unknwon/goconfig"
"github.com/gogits/cache" "github.com/gogits/cache"
"github.com/gogits/session"
"github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/log"
) )
@ -49,6 +50,10 @@ var (
LogMode string LogMode string
LogConfig string LogConfig string
SessionProvider string
SessionConfig *session.Config
SessionManager *session.Manager
) )
var Service struct { var Service struct {
@ -164,6 +169,30 @@ func newCacheService() {
log.Info("Cache Service Enabled") log.Info("Cache Service Enabled")
} }
func newSessionService() {
SessionProvider = Cfg.MustValue("session", "PROVIDER", "memory")
SessionConfig = new(session.Config)
SessionConfig.ProviderConfig = Cfg.MustValue("session", "PROVIDER_CONFIG")
SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
SessionConfig.CookieSecure = Cfg.MustBool("session", "COOKIE_SECURE")
SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
SessionConfig.GcIntervalTime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
SessionConfig.SessionLifeTime = Cfg.MustInt64("session", "SESSION_LIFE_TIME", 86400)
SessionConfig.SessionIDHashFunc = Cfg.MustValue("session", "SESSION_ID_HASHFUNC", "sha1")
SessionConfig.SessionIDHashKey = Cfg.MustValue("session", "SESSION_ID_HASHKEY")
var err error
SessionManager, err = session.NewManager(SessionProvider, *SessionConfig)
if err != nil {
fmt.Printf("Init session system failed, provider: %s, %v\n",
SessionProvider, err)
os.Exit(2)
}
log.Info("Session Service Enabled")
}
func newMailService() { func newMailService() {
// Check mailer setting. // Check mailer setting.
if Cfg.MustBool("mailer", "ENABLED") { if Cfg.MustBool("mailer", "ENABLED") {
@ -234,6 +263,7 @@ func NewServices() {
newService() newService()
newLogService() newLogService()
newCacheService() newCacheService()
newSessionService()
newMailService() newMailService()
newRegisterMailService() newRegisterMailService()
} }
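Review bot: `newSessionService` hands `PROVIDER_CONFIG` to `session.NewManager` without checking it, so a `file`, `redis` or `mysql` provider with an empty or missing value is only caught, if at all, inside the library; what the library does with an empty path or address is not visible here. A guard before the call, along the lines of `if SessionProvider != "memory" && SessionConfig.ProviderConfig == "" { fmt.Println("session: PROVIDER_CONFIG is required"); os.Exit(2) }`, would make the misconfiguration explicit. The failure message prints only the provider name and the error, which is the right choice: `ProviderConfig` should stay out of it because the redis and mysql forms carry a password. The function would also benefit from a doc comment such as `// newSessionService loads the [session] settings and initializes SessionManager, exiting the process on failure.`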

@ -10,9 +10,9 @@ import (
"time" "time"
"github.com/codegangsta/martini" "github.com/codegangsta/martini"
"github.com/martini-contrib/sessions"
"github.com/gogits/cache" "github.com/gogits/cache"
"github.com/gogits/session"
"github.com/gogits/gogs/models" "github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/auth" "github.com/gogits/gogs/modules/auth"
@ -27,7 +27,7 @@ type Context struct {
p martini.Params p martini.Params
Req *http.Request Req *http.Request
Res http.ResponseWriter Res http.ResponseWriter
Session sessions.Session Session session.SessionStore
Cache cache.Cache Cache cache.Cache
User *models.User User *models.User
IsSigned bool IsSigned bool
@ -92,21 +92,25 @@ func (ctx *Context) Handle(status int, title string, err error) {
// InitContext initializes a classic context for a request. // InitContext initializes a classic context for a request.
func InitContext() martini.Handler { func InitContext() martini.Handler {
return func(res http.ResponseWriter, r *http.Request, c martini.Context, return func(res http.ResponseWriter, r *http.Request, c martini.Context, rd *Render) {
session sessions.Session, rd *Render) {
ctx := &Context{ ctx := &Context{
c: c, c: c,
// p: p, // p: p,
Req: r, Req: r,
Res: res, Res: res,
Session: session,
Cache: base.Cache, Cache: base.Cache,
Render: rd, Render: rd,
} }
// start session
ctx.Session = base.SessionManager.SessionStart(res, r)
defer func() {
ctx.Session.SessionRelease(res)
}()
// Get user from session if logined. // Get user from session if logined.
user := auth.SignedInUser(session) user := auth.SignedInUser(ctx.Session)
ctx.User = user ctx.User = user
ctx.IsSigned = user != nil ctx.IsSigned = user != nil
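Review bot: The deferred `ctx.Session.SessionRelease(res)` runs when this handler function returns, so it only covers the downstream route handlers if the function calls `c.Next()` before returning; the end of the function is outside the hunk, so that should be checked. Without it, session data written by later handlers (for example at sign-in) could be released before it is set. The value returned by `SessionStart` is also used unchecked: if it can be nil on a provider failure (not visible from this page), both the `defer` and `auth.SignedInUser(ctx.Session)` would panic on every request. A guard placed before the `defer`, such as `if ctx.Session == nil { http.Error(res, "session unavailable", http.StatusInternalServerError); return }`, would fail the request cleanly instead.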

@ -88,7 +88,7 @@ func SignIn(ctx *middleware.Context, form auth.LogInForm) {
user, err := models.LoginUserPlain(form.UserName, form.Password) user, err := models.LoginUserPlain(form.UserName, form.Password)
if err != nil { if err != nil {
if err.Error() == models.ErrUserNotExist.Error() { if err == models.ErrUserNotExist {
ctx.RenderWithErr("Username or password is not correct", "user/signin", &form) ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
return return
} }

@ -12,7 +12,6 @@ import (
"github.com/codegangsta/cli" "github.com/codegangsta/cli"
"github.com/codegangsta/martini" "github.com/codegangsta/martini"
"github.com/martini-contrib/sessions"
"github.com/gogits/binding" "github.com/gogits/binding"
@ -81,10 +80,6 @@ func runWeb(*cli.Context) {
// Middlewares. // Middlewares.
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}})) m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
// TODO: should use other store because cookie store is not secure.
store := sessions.NewCookieStore([]byte("secret123"))
m.Use(sessions.Sessions("my_session", store))
m.Use(middleware.InitContext()) m.Use(middleware.InitContext())
reqSignIn := middleware.SignInRequire(true) reqSignIn := middleware.SignInRequire(true)
