summaryrefslogtreecommitdiff
path: root/db/session.go
blob: bddedda435073c69abb3b94e9c0b57369bfef728 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
package db

import (
	"database/sql"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"time"
)


func (p *Phlox) CreateSession(user User) (Session, error) {
	bytes := make([]byte, 32)
	_, err := rand.Read(bytes)
	if err != nil {
		return Session{}, err
	}

	sessionid := base64.StdEncoding.EncodeToString(bytes)
	userid := user.Id
	now := time.Now().UTC()
	nowStr := now.Format(time.RFC3339)

	_, err = p.db.Exec(
		"insert into sessions (sessionid, userid, created, modified) values (?, ?, ?, ?);", 
		sessionid, 
		userid,
		nowStr, nowStr,
	)
	if err != nil {
		return Session{}, err
	}

	return Session{
		Id: sessionid,
		UserId: userid,
		Created: now,
		Modified: now,
	}, nil
}


func (p *Phlox) DeleteSession(session Session) error {
	_, err := p.db.Exec("delete from sessions where sessionid = ?;", session.Id)
	return err
}


func extractSession(s Scanner) (Session, error) {
	var (
		session Session
		createdStr string
		modifiedStr string
	)

	// scan
	err := s.Scan(&session.Id, &session.UserId, &createdStr, &modifiedStr)
	if err != nil {
		return Session{}, err
	}

	// parse times
	session.Created, err = time.Parse(time.RFC3339, createdStr)
	if err != nil {
		return Session{}, err
	}
	session.Modified, err = time.Parse(time.RFC3339, modifiedStr)
	if err != nil {
		return Session{}, err
	}

	return session, nil
}


func (p *Phlox) CheckSession(session Session) (bool, error) {
	row := p.db.QueryRow("select * from sessions where sessionid = ?", session.Id)
	session, err := extractSession(row)
	if err != nil {
		if errors.Is(err, sql.ErrNoRows) {
			// no row returned, so invalid session
			return false, nil
		} else {
			// some other error
			return false, err
		}
	}

	return true, nil
}


func (p *Phlox) TouchSession(session Session) error {
	now := time.Now().UTC().Format(time.RFC3339)
	_, err := p.db.Exec(
		"update sessions set modified = ? where sessionid = ?;",
		now, session.Id,
	)
	return err	
}


func (p *Phlox) CleanSessions(maxIdle time.Duration) error {
	expire := time.Now().UTC().Add(-maxIdle).Format(time.RFC3339)
	_, err := p.db.Exec("delete from sessions where modified < ?;", expire)
	return err
}


func (p *Phlox) AllSessions() ([]Session, error) {
	sessions := make([]Session, 0)
	rows, err := p.db.Query("select * from sessions;")
	if err != nil {
		return sessions, err
	}
	defer rows.Close()

	for rows.Next() {
		session, err := extractSession(rows)
		if err != nil {
			return sessions, err
		}
		sessions = append(sessions, session)
	}

	return sessions, nil
}