mirror of https://github.com/go-gitea/gitea.git
Backport #18018 When logging in the SessionID should be reset and the session cleaned up. Also logs the user in on completion of linking account Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
148a417774
commit
76e1c130fb
2
go.mod
2
go.mod
|
@ -9,7 +9,7 @@ require (
|
|||
gitea.com/go-chi/binding v0.0.0-20210301195521-1fe1c9a555e7
|
||||
gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e
|
||||
gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e
|
||||
gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee
|
||||
gitea.com/go-chi/session v0.0.0-20211218221615-e3605d8b28b8
|
||||
gitea.com/lunny/levelqueue v0.4.1
|
||||
github.com/Microsoft/go-winio v0.5.0 // indirect
|
||||
github.com/NYTimes/gziphandler v1.1.1
|
||||
|
|
7
go.sum
7
go.sum
|
@ -47,8 +47,8 @@ gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e h1:zgPGaf3kXP0cVm9J0l8
|
|||
gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e/go.mod h1:k2V/gPDEtXGjjMGuBJiapffAXTv76H4snSmlJRLUhH0=
|
||||
gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e h1:YjaQU6XFicdhPN+MlGolcXO8seYY2+EY5g7vZPB17CQ=
|
||||
gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e/go.mod h1:nfA7JaGv3hbGQ1ktdhAsZhdS84qKffI8NMlHr+Opsog=
|
||||
gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee h1:9U6HuKUBt/cGK6T/64dEuz0r7Yp97WAAEJvXHDlY3ws=
|
||||
gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee/go.mod h1:Ozg8IchVNb/Udg+ui39iHRYqVHSvf3C99ixdpLR8Vu0=
|
||||
gitea.com/go-chi/session v0.0.0-20211218221615-e3605d8b28b8 h1:tJQRXgZigkLeeW9LPlps9G9aMoE6LAmqigLA+wxmd1Q=
|
||||
gitea.com/go-chi/session v0.0.0-20211218221615-e3605d8b28b8/go.mod h1:fc/pjt5EqNKgqQXYzcas1Z5L5whkZHyOvTA7OzWVJck=
|
||||
gitea.com/lunny/levelqueue v0.4.1 h1:RZ+AFx5gBsZuyqCvofhAkPQ9uaVDPJnsULoJZIYaJNw=
|
||||
gitea.com/lunny/levelqueue v0.4.1/go.mod h1:HBqmLbz56JWpfEGG0prskAV97ATNRoj5LDmPicD22hU=
|
||||
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
|
||||
|
@ -325,8 +325,9 @@ github.com/go-asn1-ber/asn1-ber v1.5.3/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkPro
|
|||
github.com/go-chi/chi v1.5.1/go.mod h1:REp24E+25iKvxgeTfHmdUoL5x15kBiDBlnIl5bCwe2k=
|
||||
github.com/go-chi/chi v1.5.4 h1:QHdzF2szwjqVV4wmByUnTcsbIg7UGaQ0tPF2t5GcAIs=
|
||||
github.com/go-chi/chi v1.5.4/go.mod h1:uaf8YgoFazUOkPBG7fxPftUylNumIev9awIWOENIuEg=
|
||||
github.com/go-chi/chi/v5 v5.0.1 h1:ALxjCrTf1aflOlkhMnCUP86MubbWFrzB3gkRPReLpTo=
|
||||
github.com/go-chi/chi/v5 v5.0.1/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/go-chi/chi/v5 v5.0.4 h1:5e494iHzsYBiyXQAHHuI4tyJS9M3V84OuX3ufIIGHFo=
|
||||
github.com/go-chi/chi/v5 v5.0.4/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/go-chi/cors v1.2.0 h1:tV1g1XENQ8ku4Bq3K9ub2AtgG+p16SmzeMSGTwrOKdE=
|
||||
github.com/go-chi/cors v1.2.0/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
|
||||
github.com/go-enry/go-enry/v2 v2.7.1 h1:WCqtfyteIz61GYk9lRVy8HblvIv4cP9GIiwm/6txCbU=
|
||||
|
|
|
@ -4,9 +4,21 @@
|
|||
|
||||
package session
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"gitea.com/go-chi/session"
|
||||
)
|
||||
|
||||
// Store represents a session store
|
||||
type Store interface {
|
||||
Get(interface{}) interface{}
|
||||
Set(interface{}, interface{}) error
|
||||
Delete(interface{}) error
|
||||
}
|
||||
|
||||
// RegenerateSession regenerates the underlying session and returns the new store
|
||||
func RegenerateSession(resp http.ResponseWriter, req *http.Request) (Store, error) {
|
||||
s, err := session.RegenerateSession(resp, req)
|
||||
return s, err
|
||||
}
|
||||
|
|
|
@ -22,6 +22,7 @@ import (
|
|||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/password"
|
||||
"code.gitea.io/gitea/modules/recaptcha"
|
||||
"code.gitea.io/gitea/modules/session"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/timeutil"
|
||||
"code.gitea.io/gitea/modules/web"
|
||||
|
@ -87,6 +88,10 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
|
|||
|
||||
isSucceed = true
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
return false, fmt.Errorf("unable to RegenerateSession: Error: %w", err)
|
||||
}
|
||||
|
||||
// Set session IDs
|
||||
if err := ctx.Session.Set("uid", u.ID); err != nil {
|
||||
return false, err
|
||||
|
@ -235,6 +240,11 @@ func SignInPost(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("UserSignIn: Unable to set regenerate session", err)
|
||||
return
|
||||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
||||
ctx.ServerError("UserSignIn: Unable to set twofaUid in session", err)
|
||||
|
@ -395,6 +405,9 @@ func TwoFactorScratchPost(ctx *context.Context) {
|
|||
}
|
||||
|
||||
handleSignInFull(ctx, u, remember, false)
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
ctx.Flash.Info(ctx.Tr("auth.twofa_scratch_used"))
|
||||
ctx.Redirect(setting.AppSubURL + "/user/settings/security")
|
||||
return
|
||||
|
@ -505,6 +518,9 @@ func U2FSign(ctx *context.Context) {
|
|||
}
|
||||
}
|
||||
redirect := handleSignInFull(ctx, user, remember, false)
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
if redirect == "" {
|
||||
redirect = setting.AppSubURL + "/"
|
||||
}
|
||||
|
@ -517,7 +533,11 @@ func U2FSign(ctx *context.Context) {
|
|||
|
||||
// This handles the final part of the sign-in process of the user.
|
||||
func handleSignIn(ctx *context.Context, u *models.User, remember bool) {
|
||||
handleSignInFull(ctx, u, remember, true)
|
||||
redirect := handleSignInFull(ctx, u, remember, true)
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
ctx.Redirect(redirect)
|
||||
}
|
||||
|
||||
func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyRedirect bool) string {
|
||||
|
@ -528,6 +548,12 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR
|
|||
setting.CookieRememberName, u.Name, days)
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return setting.AppSubURL + "/"
|
||||
}
|
||||
|
||||
// Delete the openid, 2fa and linkaccount data
|
||||
_ = ctx.Session.Delete("openid_verified_uri")
|
||||
_ = ctx.Session.Delete("openid_signin_remember")
|
||||
_ = ctx.Session.Delete("openid_determined_email")
|
||||
|
@ -551,7 +577,7 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR
|
|||
if len(u.Language) == 0 {
|
||||
u.Language = ctx.Locale.Language()
|
||||
if err := models.UpdateUserCols(u, "language"); err != nil {
|
||||
log.Error(fmt.Sprintf("Error updating user language [user: %d, locale: %s]", u.ID, u.Language))
|
||||
ctx.ServerError("UpdateUserCols Language", fmt.Errorf("Error updating user language [user: %d, locale: %s]", u.ID, u.Language))
|
||||
return setting.AppSubURL + "/"
|
||||
}
|
||||
}
|
||||
|
@ -697,6 +723,11 @@ func getUserName(gothUser *goth.User) string {
|
|||
}
|
||||
|
||||
func showLinkingLogin(ctx *context.Context, gothUser goth.User) {
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return
|
||||
}
|
||||
|
||||
if err := ctx.Session.Set("linkAccountGothUser", gothUser); err != nil {
|
||||
log.Error("Error setting linkAccountGothUser in session: %v", err)
|
||||
}
|
||||
|
@ -736,6 +767,11 @@ func handleOAuth2SignIn(ctx *context.Context, u *models.User, gothUser goth.User
|
|||
return
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return
|
||||
}
|
||||
|
||||
if err := ctx.Session.Set("uid", u.ID); err != nil {
|
||||
log.Error("Error setting uid in session: %v", err)
|
||||
}
|
||||
|
@ -776,6 +812,11 @@ func handleOAuth2SignIn(ctx *context.Context, u *models.User, gothUser goth.User
|
|||
return
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return
|
||||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
||||
log.Error("Error setting twofaUid in session: %v", err)
|
||||
|
@ -965,6 +1006,11 @@ func linkAccount(ctx *context.Context, u *models.User, gothUser goth.User, remem
|
|||
return
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return
|
||||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
||||
log.Error("Error setting twofaUid in session: %v", err)
|
||||
|
@ -1102,7 +1148,7 @@ func LinkAccountPostRegister(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
ctx.Redirect(setting.AppSubURL + "/user/login")
|
||||
handleSignIn(ctx, u, false)
|
||||
}
|
||||
|
||||
// HandleSignOut resets the session and sets the cookies
|
||||
|
@ -1244,7 +1290,7 @@ func SignUpPost(ctx *context.Context) {
|
|||
}
|
||||
|
||||
ctx.Flash.Success(ctx.Tr("auth.sign_up_successful"))
|
||||
handleSignInFull(ctx, u, false, true)
|
||||
handleSignIn(ctx, u, false)
|
||||
}
|
||||
|
||||
// createAndHandleCreatedUser calls createUserInContext and
|
||||
|
@ -1465,6 +1511,13 @@ func handleAccountActivation(ctx *context.Context, user *models.User) {
|
|||
|
||||
log.Trace("User activated: %s", user.Name)
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err)
|
||||
ctx.ServerError("ActivateUserEmail", err)
|
||||
return
|
||||
}
|
||||
|
||||
// Set session IDs
|
||||
if err := ctx.Session.Set("uid", user.ID); err != nil {
|
||||
log.Error("Error setting uid in session[%s]: %v", ctx.Session.ID(), err)
|
||||
}
|
||||
|
@ -1737,11 +1790,14 @@ func ResetPasswdPost(ctx *context.Context) {
|
|||
|
||||
handleSignInFull(ctx, u, remember, false)
|
||||
ctx.Flash.Info(ctx.Tr("auth.twofa_scratch_used"))
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
ctx.Redirect(setting.AppSubURL + "/user/settings/security")
|
||||
return
|
||||
}
|
||||
|
||||
handleSignInFull(ctx, u, remember, true)
|
||||
handleSignIn(ctx, u, remember)
|
||||
}
|
||||
|
||||
// MustChangePassword renders the page to change a user's password
|
||||
|
|
|
@ -16,6 +16,7 @@ import (
|
|||
"code.gitea.io/gitea/modules/hcaptcha"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/recaptcha"
|
||||
"code.gitea.io/gitea/modules/session"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
"code.gitea.io/gitea/modules/web"
|
||||
|
@ -231,6 +232,11 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
}
|
||||
}
|
||||
|
||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||
ctx.ServerError("RegenerateSession", err)
|
||||
return
|
||||
}
|
||||
|
||||
if err := ctx.Session.Set("openid_verified_uri", id); err != nil {
|
||||
log.Error("signInOpenIDVerify: Could not set openid_verified_uri in session: %v", err)
|
||||
}
|
||||
|
|
|
@ -14,6 +14,7 @@ import (
|
|||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/session"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/web/middleware"
|
||||
)
|
||||
|
@ -95,6 +96,14 @@ func isGitRawReleaseOrLFSPath(req *http.Request) bool {
|
|||
|
||||
// handleSignIn clears existing session variables and stores new ones for the specified user object
|
||||
func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore, user *models.User) {
|
||||
// We need to regenerate the session...
|
||||
newSess, err := session.RegenerateSession(resp, req)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error regenerating session: %v", err))
|
||||
} else {
|
||||
sess = newSess
|
||||
}
|
||||
|
||||
_ = sess.Delete("openid_verified_uri")
|
||||
_ = sess.Delete("openid_signin_remember")
|
||||
_ = sess.Delete("openid_determined_email")
|
||||
|
@ -103,7 +112,7 @@ func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore
|
|||
_ = sess.Delete("twofaRemember")
|
||||
_ = sess.Delete("u2fChallenge")
|
||||
_ = sess.Delete("linkAccount")
|
||||
err := sess.Set("uid", user.ID)
|
||||
err = sess.Set("uid", user.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Session
|
||||
|
||||
Middleware session provides session management which copied from [Macaron Session](https://gitea.com/go-chi/session) for [go-chi](https://github.com/go-chi/chi). It can use many session providers, including memory, file, Redis, Memcache, PostgreSQL, MySQL, Couchbase, Ledis and Nodb.
|
||||
Middleware session provides session management which based on a [fork](https://gitea.com/macaron/session) of [Macaron Session](https://github.com/go-macaron/session) for [go-chi](https://github.com/go-chi/chi). It can use many session providers, including memory, file, Redis, Memcache, PostgreSQL, MySQL, Couchbase, Ledis and Nodb.
|
||||
|
||||
## Installation
|
||||
|
||||
|
@ -10,7 +10,7 @@ go get gitea.com/go-chi/session
|
|||
|
||||
## Credits
|
||||
|
||||
This package is a modified version of [go-macaron/session](github.com/go-macaron/session).
|
||||
This package is a modified version of [go-macaron/session](https://github.com/go-macaron/session).
|
||||
|
||||
## License
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ require (
|
|||
github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 // indirect
|
||||
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76 // indirect
|
||||
github.com/edsrzf/mmap-go v1.0.0 // indirect
|
||||
github.com/go-chi/chi v1.5.1
|
||||
github.com/go-chi/chi/v5 v5.0.4
|
||||
github.com/go-redis/redis/v8 v8.4.0
|
||||
github.com/go-sql-driver/mysql v1.4.1
|
||||
github.com/lib/pq v1.2.0
|
||||
|
|
|
@ -10,7 +10,6 @@ github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 h1:NCqJ6fwen6YP0
|
|||
github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
|
||||
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76 h1:Lgdd/Qp96Qj8jqLpq2cI1I1X7BJnu06efS+XkhRoLUQ=
|
||||
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
|
||||
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
|
@ -18,18 +17,16 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/r
|
|||
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
|
||||
github.com/edsrzf/mmap-go v1.0.0 h1:CEBF7HpRnUCSJgGUb5h1Gm7e3VkmVDrR8lvWVLtrOFw=
|
||||
github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
|
||||
github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
|
||||
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
|
||||
github.com/go-chi/chi v1.5.1 h1:kfTK3Cxd/dkMu/rKs5ZceWYp+t5CtiE7vmaTv3LjC6w=
|
||||
github.com/go-chi/chi v1.5.1/go.mod h1:REp24E+25iKvxgeTfHmdUoL5x15kBiDBlnIl5bCwe2k=
|
||||
github.com/go-chi/chi/v5 v5.0.4 h1:5e494iHzsYBiyXQAHHuI4tyJS9M3V84OuX3ufIIGHFo=
|
||||
github.com/go-chi/chi/v5 v5.0.4/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/go-redis/redis/v8 v8.4.0 h1:J5NCReIgh3QgUJu398hUncxDExN4gMOHI11NVbVicGQ=
|
||||
github.com/go-redis/redis/v8 v8.4.0/go.mod h1:A1tbYoHSa1fXwN+//ljcCYYJeLmVrwL9hbQN45Jdy0M=
|
||||
github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA=
|
||||
github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
|
||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg=
|
||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||
|
@ -48,7 +45,6 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
|
|||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||
github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg=
|
||||
github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
|
||||
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
||||
github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
|
||||
|
@ -58,12 +54,10 @@ github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
|
|||
github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
|
||||
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||
github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs=
|
||||
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
|
||||
github.com/onsi/ginkgo v1.14.2 h1:8mVmC9kjFFmA8H4pKMUhcblgifdkOIXPvbhN1T36q1M=
|
||||
github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
|
||||
github.com/onsi/gomega v1.4.3 h1:RE1xgDvH7imwFD45h+u2SgIfERHlS2yNG4DObb5BSKU=
|
||||
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
|
||||
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
|
||||
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
|
||||
|
@ -118,7 +112,6 @@ golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7w
|
|||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA=
|
||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
|
@ -137,7 +130,6 @@ google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyz
|
|||
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
|
||||
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
||||
gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU=
|
||||
gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
|
|
|
@ -23,6 +23,7 @@ import (
|
|||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"reflect"
|
||||
"time"
|
||||
)
|
||||
|
||||
|
@ -259,7 +260,7 @@ func Sessioner(options ...Options) func(next http.Handler) http.Handler {
|
|||
return
|
||||
}
|
||||
|
||||
if err = sess.Release(); err != nil {
|
||||
if err = s.RawStore.Release(); err != nil {
|
||||
panic("session(release): " + err.Error())
|
||||
}
|
||||
})
|
||||
|
@ -273,6 +274,26 @@ func GetSession(req *http.Request) Store {
|
|||
return sess
|
||||
}
|
||||
|
||||
// RegenerateSession
|
||||
func RegenerateSession(resp http.ResponseWriter, req *http.Request) (Store, error) {
|
||||
sess, ok := GetSession(req).(*store)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("no session in request context")
|
||||
}
|
||||
|
||||
oldRawStore := sess.RawStore
|
||||
if err := oldRawStore.Release(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
store, err := sess.RegenerateID(resp, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sess.RawStore = store
|
||||
return sess, nil
|
||||
}
|
||||
|
||||
// Provider is the interface that provides session manipulations.
|
||||
type Provider interface {
|
||||
// Init initializes session provider.
|
||||
|
@ -291,17 +312,34 @@ type Provider interface {
|
|||
GC()
|
||||
}
|
||||
|
||||
var providers = make(map[string]Provider)
|
||||
var providers = make(map[string]func() Provider)
|
||||
|
||||
// Register registers a provider.
|
||||
func Register(name string, provider Provider) {
|
||||
if provider == nil {
|
||||
if reflect.TypeOf(provider).Kind() == reflect.Ptr {
|
||||
// Pointer:
|
||||
RegisterFn(name, func() Provider {
|
||||
return reflect.New(reflect.ValueOf(provider).Elem().Type()).Interface().(Provider)
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
// Not a Pointer
|
||||
RegisterFn(name, func() Provider {
|
||||
return reflect.New(reflect.TypeOf(provider)).Elem().Interface().(Provider)
|
||||
})
|
||||
}
|
||||
|
||||
// RegisterFn registers a provider function.
|
||||
func RegisterFn(name string, providerfn func() Provider) {
|
||||
if providerfn == nil {
|
||||
panic("session: cannot register provider with nil value")
|
||||
}
|
||||
if _, dup := providers[name]; dup {
|
||||
panic(fmt.Errorf("session: cannot register provider '%s' twice", name))
|
||||
}
|
||||
providers[name] = provider
|
||||
|
||||
providers[name] = providerfn
|
||||
}
|
||||
|
||||
// _____
|
||||
|
@ -318,12 +356,15 @@ type Manager struct {
|
|||
}
|
||||
|
||||
// NewManager creates and returns a new session manager by given provider name and configuration.
|
||||
// It panics when given provider isn't registered.
|
||||
// It returns an error when requested provider name isn't registered.
|
||||
func NewManager(name string, opt Options) (*Manager, error) {
|
||||
p, ok := providers[name]
|
||||
fn, ok := providers[name]
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("session: unknown provider '%s'(forgotten import?)", name)
|
||||
}
|
||||
|
||||
p := fn()
|
||||
|
||||
return &Manager{p, opt}, p.Init(opt.Maxlifetime, opt.ProviderConfig)
|
||||
}
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ gitea.com/go-chi/cache/memcache
|
|||
# gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e
|
||||
## explicit
|
||||
gitea.com/go-chi/captcha
|
||||
# gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee
|
||||
# gitea.com/go-chi/session v0.0.0-20211218221615-e3605d8b28b8
|
||||
## explicit
|
||||
gitea.com/go-chi/session
|
||||
gitea.com/go-chi/session/couchbase
|
||||
|
|
Loading…
Reference in New Issue