devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

add comments

Browse Source
This commit is contained in:
catusax 2023-07-23 13:02:14 +08:00 committed by GitHub
parent 5018462559
commit e7652db89c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/constants/cookie.go
View File

@ -5,6 +5,6 @@ const (
AppCookieName = "cookie" AppCookieName = "cookie"
// AdminCookieName is the name of the cookie that is used to store the admin token // AdminCookieName is the name of the cookie that is used to store the admin token
AdminCookieName = "authorizer-admin" AdminCookieName = "authorizer-admin"
// MfaCookieName is the name of the cookie that is used to store the mfa session
MfaCookieName = "mfa" MfaCookieName = "mfa"
) )

6
server/cookie/mfa_session.go
View File

@ -12,7 +12,7 @@ import (
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
// SetSession sets the session cookie in the response // SetMfaSession sets the mfa session cookie in the response
func SetMfaSession(gc *gin.Context, sessionID string) { func SetMfaSession(gc *gin.Context, sessionID string) {
appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure) appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
if err != nil { if err != nil {
@ -47,7 +47,7 @@ func SetMfaSession(gc *gin.Context, sessionID string) {
gc.SetCookie(constants.MfaCookieName+"_session_domain", sessionID, age, "/", domain, secure, httpOnly) gc.SetCookie(constants.MfaCookieName+"_session_domain", sessionID, age, "/", domain, secure, httpOnly)
} }
// DeleteSession sets session cookies to expire // DeleteMfaSession deletes the mfa session cookies to expire
func DeleteMfaSession(gc *gin.Context) { func DeleteMfaSession(gc *gin.Context) {
appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure) appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
if err != nil { if err != nil {
@ -69,7 +69,7 @@ func DeleteMfaSession(gc *gin.Context) {
gc.SetCookie(constants.MfaCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly) gc.SetCookie(constants.MfaCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly)
} }
// GetSession gets the session cookie from context // GetMfaSession gets the mfa session cookie from context
func GetMfaSession(gc *gin.Context) (string, error) { func GetMfaSession(gc *gin.Context) (string, error) {
var cookie *http.Cookie var cookie *http.Cookie
var err error var err error

3
server/memorystore/providers/inmemory/store.go
View File

@ -42,11 +42,13 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
return nil return nil
} }
// SetMfaSession sets the mfa session with key and value of email
func (c *provider) SetMfaSession(email, key string, expiration int64) error { func (c *provider) SetMfaSession(email, key string, expiration int64) error {
c.mfasessionStore.Set(email, key, email, expiration) c.mfasessionStore.Set(email, key, email, expiration)
return nil return nil
} }
// GetMfaSession returns value of given mfa session
func (c *provider) GetMfaSession(email, key string) (string, error) { func (c *provider) GetMfaSession(email, key string) (string, error) {
val := c.mfasessionStore.Get(email, key) val := c.mfasessionStore.Get(email, key)
if val == "" { if val == "" {
@ -55,6 +57,7 @@ func (c *provider) GetMfaSession(email, key string) (string, error) {
return val, nil return val, nil
} }
// DeleteMfaSession deletes given mfa session from in-memory store.
func (c *provider) DeleteMfaSession(email, key string) error { func (c *provider) DeleteMfaSession(email, key string) error {
c.mfasessionStore.Remove(email, key) c.mfasessionStore.Remove(email, key)
return nil return nil

4
server/memorystore/providers/providers.go
View File

@ -12,9 +12,11 @@ type Provider interface {
DeleteAllUserSessions(userId string) error DeleteAllUserSessions(userId string) error
// DeleteSessionForNamespace deletes the session for a given namespace // DeleteSessionForNamespace deletes the session for a given namespace
DeleteSessionForNamespace(namespace string) error DeleteSessionForNamespace(namespace string) error
// SetMfaSession sets the mfa session with key and value of email
SetMfaSession(email, key string, expiration int64) error SetMfaSession(email, key string, expiration int64) error
// GetMfaSession returns value of given mfa session
GetMfaSession(email, key string) (string, error) GetMfaSession(email, key string) (string, error)
// DeleteMfaSession deletes given mfa session from in-memory store.
DeleteMfaSession(email, key string) error DeleteMfaSession(email, key string) error
// SetState sets the login state (key, value form) in the session store // SetState sets the login state (key, value form) in the session store

3
server/memorystore/providers/redis/store.go
View File

@ -93,6 +93,7 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
return nil return nil
} }
// SetMfaSession sets the mfa session with key and value of email
func (c *provider) SetMfaSession(email, key string, expiration int64) error { func (c *provider) SetMfaSession(email, key string, expiration int64) error {
currentTime := time.Now() currentTime := time.Now()
expireTime := time.Unix(expiration, 0) expireTime := time.Unix(expiration, 0)
@ -105,6 +106,7 @@ func (c *provider) SetMfaSession(email, key string, expiration int64) error {
return nil return nil
} }
// GetMfaSession returns value of given mfa session
func (c *provider) GetMfaSession(email, key string) (string, error) { func (c *provider) GetMfaSession(email, key string) (string, error) {
data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Result() data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Result()
if err != nil { if err != nil {
@ -113,6 +115,7 @@ func (c *provider) GetMfaSession(email, key string) (string, error) {
return data, nil return data, nil
} }
// DeleteMfaSession deletes given mfa session from in-memory store.
func (c *provider) DeleteMfaSession(email, key string) error { func (c *provider) DeleteMfaSession(email, key string) error {
if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Err(); err != nil { if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Err(); err != nil {
log.Debug("Error deleting user session from redis: ", err) log.Debug("Error deleting user session from redis: ", err)