Add server-generated session info to queries
This commit is contained in:
parent
c8980e2eac
commit
e120f8961c
8 changed files with 132 additions and 41 deletions
14
db/db.go
14
db/db.go
|
@ -149,17 +149,11 @@ func Process(fib *fibre.Context, ast *sql.Query, vars map[string]interface{}) (o
|
||||||
fib.Set(ctxKeyId, uuid.New().String())
|
fib.Set(ctxKeyId, uuid.New().String())
|
||||||
}
|
}
|
||||||
|
|
||||||
// Ensure that the IP address of the
|
// Ensure that the session details, such
|
||||||
// user signing in is available so that
|
// as id, ip, and origin, are available on
|
||||||
// it can be used within signin queries.
|
// the 'conn' object on each query.
|
||||||
|
|
||||||
vars[varKeyIp] = fib.IP().String()
|
vars[varKeySession] = session(fib)
|
||||||
|
|
||||||
// Ensure that the website origin of the
|
|
||||||
// user signing in is available so that
|
|
||||||
// it can be used within signin queries.
|
|
||||||
|
|
||||||
vars[varKeyOrigin] = fib.Origin()
|
|
||||||
|
|
||||||
// Ensure that the specified environment
|
// Ensure that the specified environment
|
||||||
// variable 'ENV' is available to the
|
// variable 'ENV' is available to the
|
||||||
|
|
33
db/session.go
Normal file
33
db/session.go
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
// Copyright © 2016 Abcum Ltd
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package db
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/abcum/fibre"
|
||||||
|
)
|
||||||
|
|
||||||
|
func session(c *fibre.Context) (out map[string]interface{}) {
|
||||||
|
|
||||||
|
out = make(map[string]interface{})
|
||||||
|
|
||||||
|
out[varKeyIp] = c.IP().String()
|
||||||
|
|
||||||
|
out[varKeyId] = c.Get(varKeyCook)
|
||||||
|
|
||||||
|
out[varKeyOrigin] = c.Origin()
|
||||||
|
|
||||||
|
return
|
||||||
|
|
||||||
|
}
|
|
@ -68,8 +68,7 @@ func (s *socket) ctx(ns, db string) (ctx context.Context) {
|
||||||
vars := data.New()
|
vars := data.New()
|
||||||
vars.Set(auth.Data, varKeyAuth)
|
vars.Set(auth.Data, varKeyAuth)
|
||||||
vars.Set(auth.Scope, varKeyScope)
|
vars.Set(auth.Scope, varKeyScope)
|
||||||
vars.Set(s.fibre.Origin(), varKeyOrigin)
|
vars.Set(session(s.fibre), varKeySession)
|
||||||
vars.Set(s.fibre.IP().String(), varKeyIp)
|
|
||||||
ctx = context.WithValue(ctx, ctxKeyVars, vars)
|
ctx = context.WithValue(ctx, ctxKeyVars, vars)
|
||||||
|
|
||||||
return
|
return
|
||||||
|
|
26
db/vars.go
26
db/vars.go
|
@ -57,18 +57,20 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
varKeyId = "id"
|
varKeyId = "id"
|
||||||
varKeyIp = "ip"
|
varKeyIp = "ip"
|
||||||
varKeyEnv = "ENV"
|
varKeyEnv = "ENV"
|
||||||
varKeyAuth = "auth"
|
varKeyAuth = "auth"
|
||||||
varKeyThis = "this"
|
varKeyCook = "cook"
|
||||||
varKeyScope = "scope"
|
varKeyThis = "this"
|
||||||
varKeyValue = "value"
|
varKeyScope = "scope"
|
||||||
varKeyAfter = "after"
|
varKeyValue = "value"
|
||||||
varKeyBefore = "before"
|
varKeyAfter = "after"
|
||||||
varKeyMethod = "method"
|
varKeyBefore = "before"
|
||||||
varKeyParent = "parent"
|
varKeyMethod = "method"
|
||||||
varKeyOrigin = "origin"
|
varKeyParent = "parent"
|
||||||
|
varKeyOrigin = "origin"
|
||||||
|
varKeySession = "session"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
|
28
glide.lock
generated
28
glide.lock
generated
|
@ -1,8 +1,8 @@
|
||||||
hash: c56e5bd935dd1933a6e7370fe3fc67ea26169ec91aa05c171543866c6c2490ed
|
hash: c56e5bd935dd1933a6e7370fe3fc67ea26169ec91aa05c171543866c6c2490ed
|
||||||
updated: 2018-05-02T12:28:08.963393+01:00
|
updated: 2018-05-09T23:03:18.058567+01:00
|
||||||
imports:
|
imports:
|
||||||
- name: cloud.google.com/go
|
- name: cloud.google.com/go
|
||||||
version: 29f476ffa9c4cd4fd14336b6043090ac1ad76733
|
version: 056a55f54a6cc77b440b31a56a5e7c3982d32811
|
||||||
subpackages:
|
subpackages:
|
||||||
- compute/metadata
|
- compute/metadata
|
||||||
- iam
|
- iam
|
||||||
|
@ -16,7 +16,7 @@ imports:
|
||||||
- name: github.com/abcum/cork
|
- name: github.com/abcum/cork
|
||||||
version: c246208017d0b81f2e9a3fc2fb7a993c89153839
|
version: c246208017d0b81f2e9a3fc2fb7a993c89153839
|
||||||
- name: github.com/abcum/fibre
|
- name: github.com/abcum/fibre
|
||||||
version: 24b2157453a929f7a86616c415d01b94916b3ed5
|
version: 58f82632f8a973b56347ffdb5632674cd22686c1
|
||||||
subpackages:
|
subpackages:
|
||||||
- mw
|
- mw
|
||||||
- name: github.com/abcum/ptree
|
- name: github.com/abcum/ptree
|
||||||
|
@ -35,7 +35,7 @@ imports:
|
||||||
- name: github.com/armon/go-metrics
|
- name: github.com/armon/go-metrics
|
||||||
version: 783273d703149aaeb9897cf58613d5af48861c25
|
version: 783273d703149aaeb9897cf58613d5af48861c25
|
||||||
- name: github.com/aws/aws-sdk-go
|
- name: github.com/aws/aws-sdk-go
|
||||||
version: 236a3fce423171d03ae327a8aa2512e6fb24df36
|
version: 31bd69f7db00cbf3d85d129e16d42304cb6e455f
|
||||||
subpackages:
|
subpackages:
|
||||||
- aws
|
- aws
|
||||||
- aws/awserr
|
- aws/awserr
|
||||||
|
@ -117,7 +117,7 @@ imports:
|
||||||
- name: github.com/jmespath/go-jmespath
|
- name: github.com/jmespath/go-jmespath
|
||||||
version: c2b33e8439af944379acbdd9c3a5fe0bc44bd8a5
|
version: c2b33e8439af944379acbdd9c3a5fe0bc44bd8a5
|
||||||
- name: github.com/kr/text
|
- name: github.com/kr/text
|
||||||
version: 7cafcd837844e784b526369c9bce262804aebc60
|
version: e2ffdb16a802fe2bb95e2e35ff34f0e53aeef34f
|
||||||
- name: github.com/mattn/go-colorable
|
- name: github.com/mattn/go-colorable
|
||||||
version: efa589957cd060542a26d2dd7832fd6a6c6c3ade
|
version: efa589957cd060542a26d2dd7832fd6a6c6c3ade
|
||||||
- name: github.com/mattn/go-isatty
|
- name: github.com/mattn/go-isatty
|
||||||
|
@ -125,7 +125,7 @@ imports:
|
||||||
- name: github.com/mgutz/ansi
|
- name: github.com/mgutz/ansi
|
||||||
version: 9520e82c474b0a04dd04f8a40959027271bab992
|
version: 9520e82c474b0a04dd04f8a40959027271bab992
|
||||||
- name: github.com/miekg/dns
|
- name: github.com/miekg/dns
|
||||||
version: 01d59357d468872339068bcd5d55a00e2463051f
|
version: eac804ceef194db2da6ee80c728d7658c8c805ff
|
||||||
- name: github.com/mitchellh/mapstructure
|
- name: github.com/mitchellh/mapstructure
|
||||||
version: 00c29f56e2386353d58c599509e8dc3801b0d716
|
version: 00c29f56e2386353d58c599509e8dc3801b0d716
|
||||||
- name: github.com/newrelic/go-agent
|
- name: github.com/newrelic/go-agent
|
||||||
|
@ -160,7 +160,7 @@ imports:
|
||||||
subpackages:
|
subpackages:
|
||||||
- codec
|
- codec
|
||||||
- name: go.opencensus.io
|
- name: go.opencensus.io
|
||||||
version: 10cec2c05ea2cfb8b0d856711daedc49d8a45c56
|
version: c11636694056ed1d664b058521f3aa61016da8ba
|
||||||
subpackages:
|
subpackages:
|
||||||
- exporter/stackdriver/propagation
|
- exporter/stackdriver/propagation
|
||||||
- internal
|
- internal
|
||||||
|
@ -175,7 +175,7 @@ imports:
|
||||||
- trace/internal
|
- trace/internal
|
||||||
- trace/propagation
|
- trace/propagation
|
||||||
- name: golang.org/x/crypto
|
- name: golang.org/x/crypto
|
||||||
version: 613d6eafa307c6881a737a3c35c0e312e8d3a8c5
|
version: 2d027ae1dddd4694d54f7a8b6cbe78dca8720226
|
||||||
subpackages:
|
subpackages:
|
||||||
- bcrypt
|
- bcrypt
|
||||||
- blowfish
|
- blowfish
|
||||||
|
@ -185,7 +185,7 @@ imports:
|
||||||
- scrypt
|
- scrypt
|
||||||
- ssh/terminal
|
- ssh/terminal
|
||||||
- name: golang.org/x/net
|
- name: golang.org/x/net
|
||||||
version: 5f9ae10d9af5b1c89ae6904293b14b064d4ada23
|
version: f73e4c9ed3b7ebdd5f699a16a880c2b1994e50dd
|
||||||
subpackages:
|
subpackages:
|
||||||
- bpf
|
- bpf
|
||||||
- context
|
- context
|
||||||
|
@ -199,17 +199,16 @@ imports:
|
||||||
- internal/timeseries
|
- internal/timeseries
|
||||||
- ipv4
|
- ipv4
|
||||||
- ipv6
|
- ipv6
|
||||||
- lex/httplex
|
|
||||||
- trace
|
- trace
|
||||||
- name: golang.org/x/oauth2
|
- name: golang.org/x/oauth2
|
||||||
version: 6881fee410a5daf86371371f9ad451b95e168b71
|
version: cdc340f7c179dbbfa4afd43b7614e8fcadde4269
|
||||||
subpackages:
|
subpackages:
|
||||||
- google
|
- google
|
||||||
- internal
|
- internal
|
||||||
- jws
|
- jws
|
||||||
- jwt
|
- jwt
|
||||||
- name: golang.org/x/sys
|
- name: golang.org/x/sys
|
||||||
version: 78d5f264b493f125018180c204871ecf58a2dce1
|
version: 64746a42f36bf0832f86b76004f1699dbeb33e4f
|
||||||
subpackages:
|
subpackages:
|
||||||
- unix
|
- unix
|
||||||
- windows
|
- windows
|
||||||
|
@ -226,7 +225,7 @@ imports:
|
||||||
- unicode/bidi
|
- unicode/bidi
|
||||||
- unicode/norm
|
- unicode/norm
|
||||||
- name: google.golang.org/api
|
- name: google.golang.org/api
|
||||||
version: ce90db2c36a2cb8c9c06779ed8bb96f92ea6e3b8
|
version: 4bd7f4beb291148443ed4553071c4e0697ff4afb
|
||||||
subpackages:
|
subpackages:
|
||||||
- gensupport
|
- gensupport
|
||||||
- googleapi
|
- googleapi
|
||||||
|
@ -257,7 +256,7 @@ imports:
|
||||||
- googleapis/rpc/code
|
- googleapis/rpc/code
|
||||||
- googleapis/rpc/status
|
- googleapis/rpc/status
|
||||||
- name: google.golang.org/grpc
|
- name: google.golang.org/grpc
|
||||||
version: e538e04cad1b83e47b2ccbbbfe6d5fd5a816d290
|
version: 45d7f3a23f0b937ba711aa0e3e3426325d3b9ae4
|
||||||
subpackages:
|
subpackages:
|
||||||
- balancer
|
- balancer
|
||||||
- balancer/base
|
- balancer/base
|
||||||
|
@ -271,7 +270,6 @@ imports:
|
||||||
- grpclb/grpc_lb_v1/messages
|
- grpclb/grpc_lb_v1/messages
|
||||||
- grpclog
|
- grpclog
|
||||||
- internal
|
- internal
|
||||||
- internal/msgdecoder
|
|
||||||
- keepalive
|
- keepalive
|
||||||
- metadata
|
- metadata
|
||||||
- naming
|
- naming
|
||||||
|
|
58
web/sess.go
Normal file
58
web/sess.go
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
// Copyright © 2016 Abcum Ltd
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package web
|
||||||
|
|
||||||
|
import (
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/abcum/fibre"
|
||||||
|
"github.com/abcum/surreal/cnf"
|
||||||
|
"github.com/abcum/surreal/util/rand"
|
||||||
|
)
|
||||||
|
|
||||||
|
const cookie = "surreal"
|
||||||
|
|
||||||
|
func sess() fibre.MiddlewareFunc {
|
||||||
|
return func(h fibre.HandlerFunc) fibre.HandlerFunc {
|
||||||
|
return func(c *fibre.Context) (err error) {
|
||||||
|
|
||||||
|
val, err := c.Request().Cookie(cookie)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
|
||||||
|
crt := len(cnf.Settings.Cert.Crt) != 0
|
||||||
|
key := len(cnf.Settings.Cert.Key) != 0
|
||||||
|
|
||||||
|
val = &http.Cookie{
|
||||||
|
Name: cookie,
|
||||||
|
Value: rand.String(64),
|
||||||
|
Secure: (crt && key),
|
||||||
|
HttpOnly: true,
|
||||||
|
Expires: time.Now().Add(365 * 24 * time.Hour),
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
c.Response().Header().Set("Set-Cookie", val.String())
|
||||||
|
|
||||||
|
c.Set(varKeyCook, val.Value)
|
||||||
|
|
||||||
|
return h(c)
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -25,4 +25,5 @@ const (
|
||||||
varKeyAuth = "auth"
|
varKeyAuth = "auth"
|
||||||
varKeyUser = "user"
|
varKeyUser = "user"
|
||||||
varKeyPass = "pass"
|
varKeyPass = "pass"
|
||||||
|
varKeyCook = "cook"
|
||||||
)
|
)
|
||||||
|
|
10
web/web.go
10
web/web.go
|
@ -46,7 +46,7 @@ func Setup(opts *cnf.Options) (err error) {
|
||||||
// Add cors headers
|
// Add cors headers
|
||||||
|
|
||||||
s.Use(mw.Cors(&mw.CorsOpts{
|
s.Use(mw.Cors(&mw.CorsOpts{
|
||||||
AllowedOrigin: "*",
|
AllowedOrigin: "=",
|
||||||
AllowedMethods: []string{
|
AllowedMethods: []string{
|
||||||
"GET",
|
"GET",
|
||||||
"PUT",
|
"PUT",
|
||||||
|
@ -63,8 +63,10 @@ func Setup(opts *cnf.Options) (err error) {
|
||||||
"Origin",
|
"Origin",
|
||||||
"NS",
|
"NS",
|
||||||
"DB",
|
"DB",
|
||||||
|
"ID",
|
||||||
},
|
},
|
||||||
AccessControlMaxAge: 600,
|
AccessControlMaxAge: 1800,
|
||||||
|
AccessControlAllowCredentials: true,
|
||||||
}))
|
}))
|
||||||
|
|
||||||
// Check body size
|
// Check body size
|
||||||
|
@ -73,6 +75,10 @@ func Setup(opts *cnf.Options) (err error) {
|
||||||
AllowedLength: 1 << 20, // 1mb
|
AllowedLength: 1 << 20, // 1mb
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
// Setup session cookie
|
||||||
|
|
||||||
|
s.Use(sess())
|
||||||
|
|
||||||
// Setup authentication
|
// Setup authentication
|
||||||
|
|
||||||
s.Use(auth())
|
s.Use(auth())
|
||||||
|
|
Loading…
Reference in a new issue