mirror of https://github.com/miniflux/v2.git
Rename sessions table to user_sessions
This commit is contained in:
Frédéric Guillot
parent
27196589fb
commit
58acd1d5e3
|
|
@ -7,8 +7,8 @@ package model
|
|||
import "time"
|
||||
import "fmt"
|
||||
|
||||
// Session represents a user session in the system.
|
||||
type Session struct {
|
||||
// UserSession represents a user session in the system.
|
||||
type UserSession struct {
|
||||
ID int64
|
||||
UserID int64
|
||||
Token string
|
||||
|
|
@ -17,9 +17,9 @@ type Session struct {
|
|||
IP string
|
||||
}
|
||||
|
||||
func (s *Session) String() string {
|
||||
return fmt.Sprintf("ID=%d, UserID=%d, IP=%s", s.ID, s.UserID, s.IP)
|
||||
func (s *UserSession) String() string {
|
||||
return fmt.Sprintf(`ID="%d", UserID="%d", IP="%s", Token="%s"`, s.ID, s.UserID, s.IP, s.Token)
|
||||
}
|
||||
|
||||
// Sessions represents a list of sessions.
|
||||
type Sessions []*Session
|
||||
// UserSessions represents a list of sessions.
|
||||
type UserSessions []*UserSession
|
||||
|
|
@ -55,13 +55,13 @@ func (s *SessionMiddleware) isPublicRoute(r *http.Request) bool {
|
|||
}
|
||||
}
|
||||
|
||||
func (s *SessionMiddleware) getSessionFromCookie(r *http.Request) *model.Session {
|
||||
func (s *SessionMiddleware) getSessionFromCookie(r *http.Request) *model.UserSession {
|
||||
sessionCookie, err := r.Cookie("sessionID")
|
||||
if err == http.ErrNoCookie {
|
||||
return nil
|
||||
}
|
||||
|
||||
session, err := s.store.SessionByToken(sessionCookie.Value)
|
||||
session, err := s.store.UserSessionByToken(sessionCookie.Value)
|
||||
if err != nil {
|
||||
logger.Error("[SessionMiddleware] %v", err)
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ func (c *Controller) CheckLogin(ctx *core.Context, request *core.Request, respon
|
|||
return
|
||||
}
|
||||
|
||||
sessionToken, err := c.store.CreateSession(
|
||||
sessionToken, err := c.store.CreateUserSession(
|
||||
authForm.Username,
|
||||
request.Request().UserAgent(),
|
||||
realip.RealIP(request.Request()),
|
||||
|
|
@ -77,7 +77,7 @@ func (c *Controller) Logout(ctx *core.Context, request *core.Request, response *
|
|||
user := ctx.LoggedUser()
|
||||
|
||||
sessionCookie := request.Cookie("sessionID")
|
||||
if err := c.store.RemoveSessionByToken(user.ID, sessionCookie); err != nil {
|
||||
if err := c.store.RemoveUserSessionByToken(user.ID, sessionCookie); err != nil {
|
||||
logger.Error("[Controller:Logout] %v", err)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
|
|||
}
|
||||
}
|
||||
|
||||
sessionToken, err := c.store.CreateSession(
|
||||
sessionToken, err := c.store.CreateUserSession(
|
||||
user.Username,
|
||||
request.Request().UserAgent(),
|
||||
realip.RealIP(request.Request()),
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ func (c *Controller) ShowSessions(ctx *core.Context, request *core.Request, resp
|
|||
return
|
||||
}
|
||||
|
||||
sessions, err := c.store.Sessions(user.ID)
|
||||
sessions, err := c.store.UserSessions(user.ID)
|
||||
if err != nil {
|
||||
response.HTML().ServerError(err)
|
||||
return
|
||||
|
|
@ -42,7 +42,7 @@ func (c *Controller) RemoveSession(ctx *core.Context, request *core.Request, res
|
|||
return
|
||||
}
|
||||
|
||||
err = c.store.RemoveSessionByID(user.ID, sessionID)
|
||||
err = c.store.RemoveUserSessionByID(user.ID, sessionID)
|
||||
if err != nil {
|
||||
logger.Error("[Controller:RemoveSession] %v", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
alter table sessions rename to user_sessions;
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
// Code generated by go generate; DO NOT EDIT.
|
||||
// 2017-12-15 18:49:24.029844239 -0800 PST m=+0.002440111
|
||||
// 2017-12-16 12:08:03.005451004 -0800 PST m=+0.002264796
|
||||
|
||||
package sql
|
||||
|
||||
|
|
@ -143,6 +143,7 @@ alter table users add column entry_direction entry_sorting_direction default 'as
|
|||
`,
|
||||
"schema_version_8": `alter table feeds add column crawler boolean default 'f';
|
||||
`,
|
||||
"schema_version_9": `alter table sessions rename to user_sessions;`,
|
||||
}
|
||||
|
||||
var SqlMapChecksums = map[string]string{
|
||||
|
|
@ -154,4 +155,5 @@ var SqlMapChecksums = map[string]string{
|
|||
"schema_version_6": "9d05b4fb223f0e60efc716add5048b0ca9c37511cf2041721e20505d6d798ce4",
|
||||
"schema_version_7": "33f298c9aa30d6de3ca28e1270df51c2884d7596f1283a75716e2aeb634cd05c",
|
||||
"schema_version_8": "9922073fc4032d8922617ec6a6a07ae8d4817846c138760fb96cb5608ab83bfc",
|
||||
"schema_version_9": "de5ba954752fe808a993feef5bf0c6f808e0a4ced5379de8bec8342678150892",
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ import (
|
|||
"github.com/miniflux/miniflux/sql"
|
||||
)
|
||||
|
||||
const schemaVersion = 8
|
||||
const schemaVersion = 9
|
||||
|
||||
// Migrate run database migrations.
|
||||
func (s *Storage) Migrate() {
|
||||
|
|
|
|||
|
|
@ -1,132 +0,0 @@
|
|||
// Copyright 2017 Frédéric Guillot. All rights reserved.
|
||||
// Use of this source code is governed by the Apache 2.0
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package storage
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"fmt"
|
||||
|
||||
"github.com/miniflux/miniflux/helper"
|
||||
"github.com/miniflux/miniflux/model"
|
||||
)
|
||||
|
||||
// Sessions returns the list of sessions for the given user.
|
||||
func (s *Storage) Sessions(userID int64) (model.Sessions, error) {
|
||||
query := `SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE user_id=$1 ORDER BY id DESC`
|
||||
rows, err := s.db.Query(query, userID)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch sessions: %v", err)
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
var sessions model.Sessions
|
||||
for rows.Next() {
|
||||
var session model.Session
|
||||
err := rows.Scan(
|
||||
&session.ID,
|
||||
&session.UserID,
|
||||
&session.Token,
|
||||
&session.CreatedAt,
|
||||
&session.UserAgent,
|
||||
&session.IP,
|
||||
)
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch session row: %v", err)
|
||||
}
|
||||
|
||||
sessions = append(sessions, &session)
|
||||
}
|
||||
|
||||
return sessions, nil
|
||||
}
|
||||
|
||||
// CreateSession creates a new sessions.
|
||||
func (s *Storage) CreateSession(username, userAgent, ip string) (sessionID string, err error) {
|
||||
var userID int64
|
||||
|
||||
err = s.db.QueryRow("SELECT id FROM users WHERE username = $1", username).Scan(&userID)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("unable to fetch UserID: %v", err)
|
||||
}
|
||||
|
||||
token := helper.GenerateRandomString(64)
|
||||
query := "INSERT INTO sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)"
|
||||
_, err = s.db.Exec(query, token, userID, userAgent, ip)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("unable to create session: %v", err)
|
||||
}
|
||||
|
||||
s.SetLastLogin(userID)
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
// SessionByToken finds a session by the token.
|
||||
func (s *Storage) SessionByToken(token string) (*model.Session, error) {
|
||||
var session model.Session
|
||||
|
||||
query := "SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE token = $1"
|
||||
err := s.db.QueryRow(query, token).Scan(
|
||||
&session.ID,
|
||||
&session.UserID,
|
||||
&session.Token,
|
||||
&session.CreatedAt,
|
||||
&session.UserAgent,
|
||||
&session.IP,
|
||||
)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
return nil, fmt.Errorf("session not found: %s", token)
|
||||
} else if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch session: %v", err)
|
||||
}
|
||||
|
||||
return &session, nil
|
||||
}
|
||||
|
||||
// RemoveSessionByToken remove a session by using the token.
|
||||
func (s *Storage) RemoveSessionByToken(userID int64, token string) error {
|
||||
result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND token=$2`, userID, token)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this session: %v", err)
|
||||
}
|
||||
|
||||
count, err := result.RowsAffected()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this session: %v", err)
|
||||
}
|
||||
|
||||
if count != 1 {
|
||||
return fmt.Errorf("nothing has been removed")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// RemoveSessionByID remove a session by using the ID.
|
||||
func (s *Storage) RemoveSessionByID(userID, sessionID int64) error {
|
||||
result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND id=$2`, userID, sessionID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this session: %v", err)
|
||||
}
|
||||
|
||||
count, err := result.RowsAffected()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this session: %v", err)
|
||||
}
|
||||
|
||||
if count != 1 {
|
||||
return fmt.Errorf("nothing has been removed")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// FlushAllSessions removes all sessions from the database.
|
||||
func (s *Storage) FlushAllSessions() (err error) {
|
||||
_, err = s.db.Exec(`DELETE FROM sessions`)
|
||||
return
|
||||
}
|
||||
|
|
@ -0,0 +1,135 @@
|
|||
// Copyright 2017 Frédéric Guillot. All rights reserved.
|
||||
// Use of this source code is governed by the Apache 2.0
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package storage
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"fmt"
|
||||
|
||||
"github.com/miniflux/miniflux/helper"
|
||||
"github.com/miniflux/miniflux/model"
|
||||
)
|
||||
|
||||
// UserSessions returns the list of sessions for the given user.
|
||||
func (s *Storage) UserSessions(userID int64) (model.UserSessions, error) {
|
||||
query := `SELECT
|
||||
id, user_id, token, created_at, user_agent, ip
|
||||
FROM user_sessions
|
||||
WHERE user_id=$1 ORDER BY id DESC`
|
||||
rows, err := s.db.Query(query, userID)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch user sessions: %v", err)
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
var sessions model.UserSessions
|
||||
for rows.Next() {
|
||||
var session model.UserSession
|
||||
err := rows.Scan(
|
||||
&session.ID,
|
||||
&session.UserID,
|
||||
&session.Token,
|
||||
&session.CreatedAt,
|
||||
&session.UserAgent,
|
||||
&session.IP,
|
||||
)
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch user session row: %v", err)
|
||||
}
|
||||
|
||||
sessions = append(sessions, &session)
|
||||
}
|
||||
|
||||
return sessions, nil
|
||||
}
|
||||
|
||||
// CreateUserSession creates a new sessions.
|
||||
func (s *Storage) CreateUserSession(username, userAgent, ip string) (sessionID string, err error) {
|
||||
var userID int64
|
||||
|
||||
err = s.db.QueryRow("SELECT id FROM users WHERE username = $1", username).Scan(&userID)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("unable to fetch UserID: %v", err)
|
||||
}
|
||||
|
||||
token := helper.GenerateRandomString(64)
|
||||
query := "INSERT INTO user_sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)"
|
||||
_, err = s.db.Exec(query, token, userID, userAgent, ip)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("unable to create user session: %v", err)
|
||||
}
|
||||
|
||||
s.SetLastLogin(userID)
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
// UserSessionByToken finds a session by the token.
|
||||
func (s *Storage) UserSessionByToken(token string) (*model.UserSession, error) {
|
||||
var session model.UserSession
|
||||
|
||||
query := "SELECT id, user_id, token, created_at, user_agent, ip FROM user_sessions WHERE token = $1"
|
||||
err := s.db.QueryRow(query, token).Scan(
|
||||
&session.ID,
|
||||
&session.UserID,
|
||||
&session.Token,
|
||||
&session.CreatedAt,
|
||||
&session.UserAgent,
|
||||
&session.IP,
|
||||
)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
return nil, fmt.Errorf("user session not found: %s", token)
|
||||
} else if err != nil {
|
||||
return nil, fmt.Errorf("unable to fetch user session: %v", err)
|
||||
}
|
||||
|
||||
return &session, nil
|
||||
}
|
||||
|
||||
// RemoveUserSessionByToken remove a session by using the token.
|
||||
func (s *Storage) RemoveUserSessionByToken(userID int64, token string) error {
|
||||
result, err := s.db.Exec(`DELETE FROM user_sessions WHERE user_id=$1 AND token=$2`, userID, token)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this user session: %v", err)
|
||||
}
|
||||
|
||||
count, err := result.RowsAffected()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this user session: %v", err)
|
||||
}
|
||||
|
||||
if count != 1 {
|
||||
return fmt.Errorf("nothing has been removed")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// RemoveUserSessionByID remove a session by using the ID.
|
||||
func (s *Storage) RemoveUserSessionByID(userID, sessionID int64) error {
|
||||
result, err := s.db.Exec(`DELETE FROM user_sessions WHERE user_id=$1 AND id=$2`, userID, sessionID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this user session: %v", err)
|
||||
}
|
||||
|
||||
count, err := result.RowsAffected()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to remove this user session: %v", err)
|
||||
}
|
||||
|
||||
if count != 1 {
|
||||
return fmt.Errorf("nothing has been removed")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// FlushAllSessions removes all user sessions from the database.
|
||||
func (s *Storage) FlushAllSessions() (err error) {
|
||||
_, err = s.db.Exec(`DELETE FROM user_sessions`)
|
||||
return
|
||||
}
|
||||
Loading…
Reference in New Issue