empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-07 09:18:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6a825c11e3
fleet/server/kolide/sessions.go
John Murphy 6a825c11e3 Datastore refactor (#439) 
Removed Gorm, replaced it with Sqlx

* Added SQL bundling command to Makfile

* Using go-kit logger

* Added soft delete capability

* Changed SearchLabel to accept a variadic param for optional omit list
instead of array

* Gorm removed

* Refactor table structures to use CURRENT_TIMESTAMP mysql function

* Moved Inmem datastore into it's own package

* Updated README

* Implemented code review suggestions from @zwass

* Removed reference to Gorm from glide.yaml
2016-11-16 21:47:49 +08:00

102 lines
3.7 KiB
Go
Raw Blame History

package kolide
import (
"time"
jwt "github.com/dgrijalva/jwt-go"
"github.com/kolide/kolide-ose/server/errors"
"golang.org/x/net/context"
)
const publicErrorMessage string = "Session error"
var (
// An error returned by SessionStore.Get() if no session record was found
// in the database
ErrNoActiveSession = errors.New(publicErrorMessage, "Active session is not present in the database")
// An error returned by SessionStore methods when no session object has
// been created yet but the requested action requires one
ErrSessionNotCreated = errors.New(publicErrorMessage, "The session has not been created")
// An error returned by SessionStore.Get() when a session is requested but
// it has expired
ErrSessionExpired = errors.New(publicErrorMessage, "The session has expired")
// An error returned by SessionStore which indicates that the token
// or it's content were malformed
ErrSessionMalformed = errors.New(publicErrorMessage, "The session token was malformed")
)
// SessionStore is the abstract interface that all session backends must
// conform to.
type SessionStore interface {
// Given a session key, find and return a session object or an error if one
// could not be found for the given key
SessionByKey(key string) (*Session, error)
// Given a session id, find and return a session object or an error if one
// could not be found for the given id
SessionByID(id uint) (*Session, error)
// Find all of the active sessions for a given user
ListSessionsForUser(id uint) ([]*Session, error)
// Store a new session struct
NewSession(session *Session) (*Session, error)
// Destroy the currently tracked session
DestroySession(session *Session) error
// Destroy all of the sessions for a given user
DestroyAllSessionsForUser(id uint) error
// Mark the currently tracked session as access to extend expiration
MarkSessionAccessed(session *Session) error
}
type SessionService interface {
Login(ctx context.Context, username, password string) (user *User, token string, err error)
Logout(ctx context.Context) (err error)
DestroySession(ctx context.Context) (err error)
GetInfoAboutSessionsForUser(ctx context.Context, id uint) (sessions []*Session, err error)
DeleteSessionsForUser(ctx context.Context, id uint) (err error)
GetInfoAboutSession(ctx context.Context, id uint) (session *Session, err error)
GetSessionByKey(ctx context.Context, key string) (session *Session, err error)
DeleteSession(ctx context.Context, id uint) (err error)
}
// Session is the model object which represents what an active session is
type Session struct {
CreateTimestamp
ID uint `gorm:"primary_key"`
AccessedAt time.Time `db:"accessed_at"`
UserID uint `gorm:"not null" db:"user_id"`
Key string `gorm:"not null;unique_index:idx_session_unique_key"`
}
////////////////////////////////////////////////////////////////////////////////
// JSON Web Tokens
////////////////////////////////////////////////////////////////////////////////
// Given a session key create a JWT to be delivered to the client
func GenerateJWT(sessionKey, jwtKey string) (string, error) {
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"session_key": sessionKey,
})
return token.SignedString([]byte(jwtKey))
}
// ParseJWT attempts to parse a JWT token in serialized string form into a
// JWT token in a deserialized jwt.Token struct.
func ParseJWT(token, jwtKey string) (*jwt.Token, error) {
return jwt.Parse(token, func(t *jwt.Token) (interface{}, error) {
method, ok := t.Method.(*jwt.SigningMethodHMAC)
if !ok || method != jwt.SigningMethodHS256 {
return nil, errors.New(publicErrorMessage, "Unexpected signing method")
}
return []byte(jwtKey), nil
})
}
Reference in New Issue View Git Blame Copy Permalink