README
¶
session
session is a Go session manager. It can use many session providers. Just like the database/sql and database/sql/driver.
该版本从beego/session改动而来,基于原版根据实际使用做部分改动,原版地址
How to install?
go get github.com/misu99/session
What providers are supported?
As of now this session manager support memory, file, Redis and MySQL.
How to use it?
First you must import it
import (
"github.com/misu99/session"
)
Then in you web app init the global session manager
var globalSessions *session.Manager
-
Use memory as provider:
import _ "github.com/misu99/session/memory" func init() { globalSessions, _ = session.NewManager("memory", `{"cookieName":"gosessionid","gclifetime":3600}`) go globalSessions.GC() } -
Use file as provider, the last param is the path where you want file to be stored:
import _ "github.com/misu99/session/file" func init() { globalSessions, _ = session.NewManager("file",`{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"./tmp"}`) go globalSessions.GC() } -
Use Redis as provider, the last param is the Redis conn address,poolsize,password:
import _ "github.com/misu99/session/redis" func init() { globalSessions, _ = session.NewManager("redis", `{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"127.0.0.1:6379,100,astaxie"}`) go globalSessions.GC() } -
Use MySQL as provider, the last param is the DSN, learn more from mysql:
import _ "github.com/misu99/session/mysql" func init() { globalSessions, _ = session.NewManager( "mysql", `{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"username:password@protocol(address)/dbname?param=value"}`) go globalSessions.GC() }
Finally in the handlerfunc you can use it like this
- session(cookie)
func login(w http.ResponseWriter, r *http.Request) { sess := globalSessions.SessionStart(w, r) defer sess.SessionRelease(w) username := sess.Get("username") fmt.Println(username) if r.Method == "GET" { t, _ := template.ParseFiles("login.gtpl") t.Execute(w, nil) } else { fmt.Println("username:", r.Form["username"]) sess.Set("username", r.Form["username"]) fmt.Println("password:", r.Form["password"]) } } - token
func login(w http.ResponseWriter, r *http.Request) { sess := globalSessions.TokenStart() defer sess.SessionRelease() username := sess.Get("username") fmt.Println(username) if r.Method == "GET" { t, _ := template.ParseFiles("login.gtpl") t.Execute(w, nil) } else { fmt.Println("username:", r.Form["username"]) sess.Set("username", r.Form["username"]) fmt.Println("password:", r.Form["password"]) } }
How to write own provider?
When you develop a web app, maybe you want to write own provider because you must meet the requirements.
Writing a provider is easy. You only need to define two struct types (Session and Provider), which satisfy the interface definition. Maybe you will find the memory provider is a good example.
type SessionStore interface {
Set(key, value interface{}) error //set session value
Get(key interface{}) interface{} //get session value
Delete(key interface{}) error //delete session value
SessionID() string //back current sessionID
SessionRelease() // release the resource & save data to provider & return the data
Flush() error //delete all data
}
type Provider interface {
SessionInit(gclifetime int64, config string) error
SessionNew(sid string) (Store, error)
SessionRead(sid string) (SessionStore, error)
SessionExist(sid string) bool
SessionRegenerate(oldsid, sid string) (SessionStore, error)
SessionDestroy(sid string) error
SessionAll() int //get all active session
SessionGC()
}
Improve
-
增加token形式的session管理(独立存在,不依赖cookie)。
详见TokenStart()与SessionStart(w http.ResponseWriter, r *http.Request)两个函数之间的差异部分 -
适配器增加接口
SessionNew(sid string) (Store, error)接口,将新建session的动作从SessionRead(sid string) (Store, error)中分离。
通过sess, err := session.GetSessionStore(token)方法的err即可判断是否存在对应的session -
增加token续期函数
TokenRegenerateID、TokenExtension
TokenRegenerateID与SessionRegenerateID作用相同,销毁旧的session产生一个新的session。
TokenRegenerateID的作用是将旧的session进行续期,session id保持不变,续期时长是参数配置中的存活时长。 -
改写SessionAll接口为获取所有session id
SessionAll() ([]string, error),并在已有适配器中实现该方法。 -
改写持久化接口
SessionRelease(),移除未曾使用的参数。 -
适配器修改:
- mysql
自动创建session表
session_expiry时间戳更新
- mysql
Documentation
¶
Index ¶
- type Manager
- func (manager *Manager) GC()
- func (manager *Manager) GetActiveSession() ([]string, error)
- func (manager *Manager) GetProvider() Provider
- func (manager *Manager) GetSessionStore(sid string) (sessions store.Store, err error)
- func (manager *Manager) MgrDestroyToken(userId string) (err error)
- func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request)
- func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (session store.Store)
- func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (session store.Store, err error)
- func (manager *Manager) SetSecure(secure bool)
- func (manager *Manager) TokenDestroy(sid string) error
- func (manager *Manager) TokenMgrCreate(userId, token string) (session store.Store, err error)
- func (manager *Manager) TokenStart() (session store.Store, err error)
- func (manager *Manager) TokenStartExpired(ttl time.Duration) (session store.Store, err error)
- type ManagerConfig
- type Provider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager contains Provider and its configuration.
func NewManager ¶
func NewManager(provideName string, cf *ManagerConfig) (*Manager, error)
NewManager Create new Manager with provider name and json config string. provider name: 1. cookie 2. file 3. memory 4. redis 5. mysql json config: 1. is https default false 2. hashfunc default sha1 3. hashkey default beegosessionkey 4. maxage default is none
func (*Manager) GC ¶
func (manager *Manager) GC()
GC Start session gc process. it can do gc in times after gc lifetime.
func (*Manager) GetActiveSession ¶
GetActiveSession Get all active sessions id.
func (*Manager) GetProvider ¶
GetProvider return current manager's provider
func (*Manager) GetSessionStore ¶
GetSessionStore Get SessionStore by its id.
func (*Manager) MgrDestroyToken ¶
func (*Manager) SessionDestroy ¶
func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request)
SessionDestroy Destroy session by its id in http request cookie.
func (*Manager) SessionRegenerateID ¶
func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (session store.Store)
SessionRegenerateID Regenerate a session id for this SessionStore who's id is saving in http request.
func (*Manager) SessionStart ¶
func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (session store.Store, err error)
SessionStart generate or read the session id from http request. if session id exists, return SessionStore with this id.
func (*Manager) TokenMgrCreate ¶
生成token与用户映射
func (*Manager) TokenStart ¶
生成token
type ManagerConfig ¶
type ManagerConfig struct {
CookieName string `json:"cookieName"`
EnableSetCookie bool `json:"enableSetCookie,omitempty"`
Gclifetime int64 `json:"gclifetime"`
Maxlifetime int64 `json:"maxLifetime"`
DisableHTTPOnly bool `json:"disableHTTPOnly"`
Secure bool `json:"secure"`
CookieLifeTime int `json:"cookieLifeTime"`
ProviderConfig string `json:"providerConfig"`
ProviderConfigMgr string `json:"providerConfigMgr,omitempty"`
Domain string `json:"domain"`
SessionIDLength int64 `json:"sessionIDLength"`
EnableSidInHTTPHeader bool `json:"EnableSidInHTTPHeader"`
SessionNameInHTTPHeader string `json:"SessionNameInHTTPHeader"`
EnableSidInURLQuery bool `json:"EnableSidInURLQuery"`
SessionIDPrefix string `json:"sessionIDPrefix"`
}
ManagerConfig define the session config
type Provider ¶
type Provider interface {
SessionInit(lifetime int64, config string) error
SessionNew(sid string, lifetime int64) (store.Store, error)
SessionRead(sid string) (store.Store, error)
SessionExist(sid string) bool
SessionRegenerate(oldsid, sid string) (store.Store, error)
SessionDestroy(sid string) error
SessionAll() ([]string, error) //get all active session
SessionGC()
}
Provider contains global session methods and saved SessionStores. it can operate a SessionStore by its id.
Source Files
Directories