.

Author: shashi-rai

pkg/build_info.go

@@ -33,5 +33,5 @@ var (
 
 const (
 	// VERSION represent Bhojpur Session - Application Framework version.
-	VERSION = "0.0.1"
+	VERSION = "0.0.2"
 )

pkg/engine/server.go

@@ -22,7 +22,7 @@ package engine
 
 // Usage:
 // import(
-//   "github.com/bhojpur/session/pkg/engine"
+//   session "github.com/bhojpur/session/pkg/engine"
 // )
 //
 //	func init() {
@@ -47,12 +47,12 @@ import (
 
 // Store contains all data for one session process with specific id.
 type Store interface {
-	Set(ctx context.Context, key, value interface{}) error     //set session value
-	Get(ctx context.Context, key interface{}) interface{}      //get session value
-	Delete(ctx context.Context, key interface{}) error         //delete session value
-	SessionID(ctx context.Context) string                      //back current sessionID
+	Set(ctx context.Context, key, value interface{}) error     // set session value
+	Get(ctx context.Context, key interface{}) interface{}      // get session value
+	Delete(ctx context.Context, key interface{}) error         // delete session value
+	SessionID(ctx context.Context) string                      // back current sessionID
 	SessionRelease(ctx context.Context, w http.ResponseWriter) // release the resource & save data to provider & return the data
-	Flush(ctx context.Context) error                           //delete all data
+	Flush(ctx context.Context) error                           // delete all data
 }
 
 // Provider contains global session methods and saved SessionStores.
@@ -63,7 +63,7 @@ type Provider interface {
 	SessionExist(ctx context.Context, sid string) (bool, error)
 	SessionRegenerate(ctx context.Context, oldsid, sid string) (Store, error)
 	SessionDestroy(ctx context.Context, sid string) error
-	SessionAll(ctx context.Context) int //get all active session
+	SessionAll(ctx context.Context) int // get all active session
 	SessionGC(ctx context.Context)
 }
 
@@ -73,45 +73,23 @@ var provides = make(map[string]Provider)
 var SLogger = NewSessionLog(os.Stderr)
 
 // Register makes a session provide available by the provided name.
-// If Register is called twice with the same name or if driver is nil,
-// it panics.
+// If provider is nil, it panic
 func Register(name string, provide Provider) {
 	if provide == nil {
-		panic("session: Register provider is nil")
-	}
-	if _, dup := provides[name]; dup {
-		panic("session: Register called twice for provider " + name)
+		panic("session: Register provide is nil")
 	}
 	provides[name] = provide
 }
 
-//GetProvider
+// GetProvider
 func GetProvider(name string) (Provider, error) {
 	provider, ok := provides[name]
 	if !ok {
-		return nil, fmt.Errorf("session: unknown provider %q (forgotten import?)", name)
+		return nil, fmt.Errorf("session: unknown provide %q (forgotten import?)", name)
 	}
 	return provider, nil
 }
 
-// ManagerConfig define the session config
-type ManagerConfig struct {
-	CookieName              string `json:"cookieName"`
-	EnableSetCookie         bool   `json:"enableSetCookie,omitempty"`
-	Gclifetime              int64  `json:"gclifetime"`
-	Maxlifetime             int64  `json:"maxLifetime"`
-	DisableHTTPOnly         bool   `json:"disableHTTPOnly"`
-	Secure                  bool   `json:"secure"`
-	CookieLifeTime          int    `json:"cookieLifeTime"`
-	ProviderConfig          string `json:"providerConfig"`
-	Domain                  string `json:"domain"`
-	SessionIDLength         int64  `json:"sessionIDLength"`
-	EnableSidInHTTPHeader   bool   `json:"EnableSidInHTTPHeader"`
-	SessionNameInHTTPHeader string `json:"SessionNameInHTTPHeader"`
-	EnableSidInURLQuery     bool   `json:"EnableSidInURLQuery"`
-	SessionIDPrefix         string `json:"sessionIDPrefix"`
-}
-
 // Manager contains Provider and its configuration.
 type Manager struct {
 	provider Provider
@@ -133,7 +111,7 @@ type Manager struct {
 func NewManager(provideName string, cf *ManagerConfig) (*Manager, error) {
 	provider, ok := provides[provideName]
 	if !ok {
-		return nil, fmt.Errorf("session: unknown provider %q (forgotten import?)", provideName)
+		return nil, fmt.Errorf("session: unknown provide %q (forgotten import?)", provideName)
 	}
 
 	if cf.Maxlifetime == 0 {
@@ -242,6 +220,7 @@ func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (se
 		HttpOnly: !manager.config.DisableHTTPOnly,
 		Secure:   manager.isSecure(r),
 		Domain:   manager.config.Domain,
+		SameSite: manager.config.CookieSameSite,
 	}
 	if manager.config.CookieLifeTime > 0 {
 		cookie.MaxAge = manager.config.CookieLifeTime
@@ -276,12 +255,15 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
 	manager.provider.SessionDestroy(nil, sid)
 	if manager.config.EnableSetCookie {
 		expiration := time.Now()
-		cookie = &http.Cookie{Name: manager.config.CookieName,
+		cookie = &http.Cookie{
+			Name:     manager.config.CookieName,
 			Path:     "/",
 			HttpOnly: !manager.config.DisableHTTPOnly,
 			Expires:  expiration,
 			MaxAge:   -1,
-			Domain:   manager.config.Domain}
+			Domain:   manager.config.Domain,
+			SameSite: manager.config.CookieSameSite,
+		}
 
 		http.SetCookie(w, cookie)
 	}
@@ -311,17 +293,19 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
 
 	cookie, err := r.Cookie(manager.config.CookieName)
 	if err != nil || cookie.Value == "" {
-		//delete old cookie
+		// delete old cookie
 		session, err = manager.provider.SessionRead(nil, sid)
 		if err != nil {
 			return nil, err
 		}
-		cookie = &http.Cookie{Name: manager.config.CookieName,
+		cookie = &http.Cookie{
+			Name:     manager.config.CookieName,
 			Value:    url.QueryEscape(sid),
 			Path:     "/",
 			HttpOnly: !manager.config.DisableHTTPOnly,
 			Secure:   manager.isSecure(r),
 			Domain:   manager.config.Domain,
+			SameSite: manager.config.CookieSameSite,
 		}
 	} else {
 		oldsid, err := url.QueryUnescape(cookie.Value)

pkg/engine/session_config.go

@@ -0,0 +1,143 @@
+package engine
+
+import "net/http"
+
+// ManagerConfig define the session config
+type ManagerConfig struct {
+	EnableSetCookie         bool          `json:"enableSetCookie,omitempty"`
+	DisableHTTPOnly         bool          `json:"disableHTTPOnly"`
+	Secure                  bool          `json:"secure"`
+	EnableSidInHTTPHeader   bool          `json:"EnableSidInHTTPHeader"`
+	EnableSidInURLQuery     bool          `json:"EnableSidInURLQuery"`
+	CookieName              string        `json:"cookieName"`
+	Gclifetime              int64         `json:"gclifetime"`
+	Maxlifetime             int64         `json:"maxLifetime"`
+	CookieLifeTime          int           `json:"cookieLifeTime"`
+	ProviderConfig          string        `json:"providerConfig"`
+	Domain                  string        `json:"domain"`
+	SessionIDLength         int64         `json:"sessionIDLength"`
+	SessionNameInHTTPHeader string        `json:"SessionNameInHTTPHeader"`
+	SessionIDPrefix         string        `json:"sessionIDPrefix"`
+	CookieSameSite          http.SameSite `json:"cookieSameSite"`
+}
+
+func (c *ManagerConfig) Opts(opts ...ManagerConfigOpt) {
+	for _, opt := range opts {
+		opt(c)
+	}
+}
+
+type ManagerConfigOpt func(config *ManagerConfig)
+
+func NewManagerConfig(opts ...ManagerConfigOpt) *ManagerConfig {
+	config := &ManagerConfig{}
+	for _, opt := range opts {
+		opt(config)
+	}
+	return config
+}
+
+// CfgCookieName set key of session id
+func CfgCookieName(cookieName string) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.CookieName = cookieName
+	}
+}
+
+// CfgCookieName set len of session id
+func CfgSessionIdLength(length int64) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.SessionIDLength = length
+	}
+}
+
+// CfgSessionIdPrefix set prefix of session id
+func CfgSessionIdPrefix(prefix string) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.SessionIDPrefix = prefix
+	}
+}
+
+// CfgSetCookie whether set `Set-Cookie` header in HTTP response
+func CfgSetCookie(enable bool) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.EnableSetCookie = enable
+	}
+}
+
+// CfgGcLifeTime set session gc lift time
+func CfgGcLifeTime(lifeTime int64) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.Gclifetime = lifeTime
+	}
+}
+
+// CfgMaxLifeTime set session lift time
+func CfgMaxLifeTime(lifeTime int64) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.Maxlifetime = lifeTime
+	}
+}
+
+// CfgGcLifeTime set session lift time
+func CfgCookieLifeTime(lifeTime int) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.CookieLifeTime = lifeTime
+	}
+}
+
+// CfgProviderConfig configure session provider
+func CfgProviderConfig(providerConfig string) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.ProviderConfig = providerConfig
+	}
+}
+
+// CfgDomain set cookie domain
+func CfgDomain(domain string) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.Domain = domain
+	}
+}
+
+// CfgSessionIdInHTTPHeader enable session id in http header
+func CfgSessionIdInHTTPHeader(enable bool) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.EnableSidInHTTPHeader = enable
+	}
+}
+
+// CfgSetSessionNameInHTTPHeader set key of session id in http header
+func CfgSetSessionNameInHTTPHeader(name string) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.SessionNameInHTTPHeader = name
+	}
+}
+
+// EnableSidInURLQuery enable session id in query string
+func CfgEnableSidInURLQuery(enable bool) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.EnableSidInURLQuery = enable
+	}
+}
+
+// DisableHTTPOnly set HTTPOnly for http.Cookie
+func CfgHTTPOnly(HTTPOnly bool) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.DisableHTTPOnly = !HTTPOnly
+	}
+}
+
+// CfgSecure set Secure for http.Cookie
+func CfgSecure(Enable bool) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.Secure = Enable
+	}
+}
+
+// CfgSameSite set http.SameSite
+func CfgSameSite(sameSite http.SameSite) ManagerConfigOpt {
+	return func(config *ManagerConfig) {
+		config.CookieSameSite = sameSite
+	}
+}