adyxax/tfstated
1
0
Fork 0
Code Issues 47 Pull requests Releases Packages Wiki Activity Actions
tfstated/pkg/database/sessions.go
Julien Dessaux 929657fd34
All checks were successful
main / main (push) Successful in 1m40s
Details
main / deploy (push) Has been skipped
Details
main / publish (push) Has been skipped
Details
chore(webui): improve the randomness of session cookies 
Closes #24
2025-04-23 00:20:52 +02:00

84 lines
2 KiB
Go
Raw Blame History

package database
import (
"database/sql"
"encoding/base64"
"errors"
"fmt"
"time"
"git.adyxax.org/adyxax/tfstated/pkg/model"
"git.adyxax.org/adyxax/tfstated/pkg/scrypto"
)
func (db *DB) CreateSession(account *model.Account) (string, error) {
sessionBytes := scrypto.RandomBytes(32)
sessionId := base64.RawURLEncoding.EncodeToString(sessionBytes[:])
if _, err := db.Exec(
`INSERT INTO sessions(id, account_id, data)
VALUES (?, ?, ?);`,
sessionId,
account.Id,
"",
); err != nil {
return "", fmt.Errorf("failed insert new session in database: %w", err)
}
return sessionId, nil
}
func (db *DB) DeleteExpiredSessions() error {
_, err := db.Exec(`DELETE FROM sessions WHERE created < ?`, time.Now().Unix())
if err != nil {
return fmt.Errorf("failed to delete expired session: %w", err)
}
return nil
}
func (db *DB) DeleteSession(session *model.Session) error {
_, err := db.Exec(`DELETE FROM sessions WHERE id = ?`, session.Id)
if err != nil {
return fmt.Errorf("failed to delete session %s: %w", session.Id, err)
}
return nil
}
func (db *DB) LoadSessionById(id string) (*model.Session, error) {
session := model.Session{
Id: id,
}
var (
created int64
updated int64
)
err := db.QueryRow(
`SELECT account_id,
created,
updated,
data
FROM sessions
WHERE id = ?;`,
id,
).Scan(&session.AccountId,
&created,
&updated,
&session.Data,
)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
return nil, nil
}
return nil, fmt.Errorf("failed to load session by id %s: %w", id, err)
}
session.Created = time.Unix(created, 0)
session.Updated = time.Unix(updated, 0)
return &session, nil
}
func (db *DB) TouchSession(sessionId string) error {
now := time.Now().UTC()
_, err := db.Exec(`UPDATE sessions SET updated = ? WHERE id = ?`, now.Unix(), sessionId)
if err != nil {
return fmt.Errorf("failed to touch updated for session %s: %w", sessionId, err)
}
return nil
}
Reference in a new issue View git blame Copy permalink