Compare commits
3 Commits
v2024.11.8
...
develop
| Author | SHA1 | Date |
|---|---|---|
 wpetit
|
ce7415af20 | |
|
wpetit
|
7cc9de180c | |
|
wpetit
|
74c2a2c055 |
|
|
@ -21,6 +21,9 @@ func NewDefaultLayersConfig() LayersConfig {
|
|||
Timeout: NewInterpolatedDuration(10 * time.Second),
|
||||
},
|
||||
},
|
||||
Sessions: AuthnLayerSessionConfig{
|
||||
TTL: NewInterpolatedDuration(time.Hour),
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
|
@ -34,6 +37,11 @@ type AuthnLayerConfig struct {
|
|||
Debug InterpolatedBool `yaml:"debug"`
|
||||
TemplateDir InterpolatedString `yaml:"templateDir"`
|
||||
OIDC AuthnOIDCLayerConfig `yaml:"oidc"`
|
||||
Sessions AuthnLayerSessionConfig `yaml:"sessions"`
|
||||
}
|
||||
|
||||
type AuthnLayerSessionConfig struct {
|
||||
TTL *InterpolatedDuration `yaml:"ttl"`
|
||||
}
|
||||
|
||||
type AuthnOIDCLayerConfig struct {
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ import (
|
|||
type Options struct {
|
||||
Session sessions.Options
|
||||
KeyPrefix string
|
||||
TTL time.Duration
|
||||
}
|
||||
|
||||
type OptionFunc func(opts *Options)
|
||||
|
|
@ -25,6 +26,7 @@ func NewOptions(funcs ...OptionFunc) *Options {
|
|||
SameSite: http.SameSiteDefaultMode,
|
||||
},
|
||||
KeyPrefix: "session:",
|
||||
TTL: time.Hour,
|
||||
}
|
||||
|
||||
for _, fn := range funcs {
|
||||
|
|
@ -45,3 +47,9 @@ func WithKeyPrefix(prefix string) OptionFunc {
|
|||
opts.KeyPrefix = prefix
|
||||
}
|
||||
}
|
||||
|
||||
func WithTTL(ttl time.Duration) OptionFunc {
|
||||
return func(opts *Options) {
|
||||
opts.TTL = ttl
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ type Store struct {
|
|||
keyPrefix string
|
||||
keyGen KeyGenFunc
|
||||
serializer SessionSerializer
|
||||
ttl time.Duration
|
||||
}
|
||||
|
||||
type KeyGenFunc func() (string, error)
|
||||
|
|
@ -43,6 +44,7 @@ func NewStore(adapter StoreAdapter, funcs ...OptionFunc) *Store {
|
|||
keyPrefix: opts.KeyPrefix,
|
||||
keyGen: generateRandomKey,
|
||||
serializer: GobSerializer{},
|
||||
ttl: opts.TTL,
|
||||
}
|
||||
|
||||
return rs
|
||||
|
|
@ -62,20 +64,21 @@ func (s *Store) New(r *http.Request, name string) (*sessions.Session, error) {
|
|||
if err != nil {
|
||||
return session, nil
|
||||
}
|
||||
|
||||
session.ID = c.Value
|
||||
|
||||
err = s.load(r.Context(), session)
|
||||
if err == nil {
|
||||
session.IsNew = false
|
||||
} else if !errors.Is(err, ErrNotFound) {
|
||||
return nil, errors.WithStack(err)
|
||||
return session, errors.WithStack(err)
|
||||
}
|
||||
|
||||
return session, nil
|
||||
}
|
||||
|
||||
func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
|
||||
if session.Options.MaxAge <= 0 {
|
||||
if session.Options.MaxAge < 0 {
|
||||
if err := s.delete(r.Context(), session); err != nil {
|
||||
return errors.WithStack(err)
|
||||
}
|
||||
|
|
@ -120,7 +123,12 @@ func (s *Store) save(ctx context.Context, session *sessions.Session) error {
|
|||
return errors.WithStack(err)
|
||||
}
|
||||
|
||||
if err := s.adapter.Set(ctx, s.keyPrefix+session.ID, b, time.Duration(session.Options.MaxAge)*time.Second); err != nil {
|
||||
ttl := time.Duration(session.Options.MaxAge) * time.Second
|
||||
if s.ttl < ttl || ttl == 0 {
|
||||
ttl = s.ttl
|
||||
}
|
||||
|
||||
if err := s.adapter.Set(ctx, s.keyPrefix+session.ID, b, ttl); err != nil {
|
||||
return errors.WithStack(err)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -218,6 +218,11 @@ layers:
|
|||
authn:
|
||||
# Répertoire contenant les templates
|
||||
templateDir: "/etc/bouncer/layers/authn/templates"
|
||||
# Configuration des sessions
|
||||
sessions:
|
||||
# Temps de persistence sans actualisation des sessions dans le store
|
||||
# (prévalent sur le MaxAge de la session)
|
||||
ttl: "1h"
|
||||
|
||||
# Configuration d'une série de proxy/layers
|
||||
# à créer par défaut par le serveur d'administration
|
||||
|
|
|
|||
Loading…
Reference in New Issue