diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index a7f931b047a..acd02dab08c 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -551,7 +551,7 @@ Define allowed algorithms and their minimum key length (use -1 to disable a type ## Session (`session`) -- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, mysql, couchbase, memcache, postgres\]. +- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, db, mysql, couchbase, memcache, postgres\]. - `PROVIDER_CONFIG`: **data/sessions**: For file, the root path; for others, the connection string. - `COOKIE_SECURE`: **false**: Enable this to force using HTTPS for all session access. - `COOKIE_NAME`: **i\_like\_gitea**: The name of the cookie used for the session ID. diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go index 66a44a27f89..740e8cb3ee9 100644 --- a/models/migrations/migrations.go +++ b/models/migrations/migrations.go @@ -290,6 +290,8 @@ var migrations = []Migration{ NewMigration("Add Dismissed to Review table", addDismissedReviewColumn), // v171 -> v172 NewMigration("Add Sorting to ProjectBoard table", addSortingColToProjectBoard), + // v172 -> v173 + NewMigration("Add sessions table for go-chi/session", addSessionTable), } // GetCurrentDBVersion returns the current db version diff --git a/models/migrations/v172.go b/models/migrations/v172.go new file mode 100644 index 00000000000..51f83bcc912 --- /dev/null +++ b/models/migrations/v172.go @@ -0,0 +1,20 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package migrations + +import ( + "code.gitea.io/gitea/modules/timeutil" + + "xorm.io/xorm" +) + +func addSessionTable(x *xorm.Engine) error { + type Session struct { + Key string `xorm:"pk CHAR(16)"` + Data []byte `xorm:"BLOB"` + CreatedUnix timeutil.TimeStamp + } + return x.Sync2(new(Session)) +} diff --git a/models/models.go b/models/models.go index 1bfe75b7fc5..de50793fe78 100644 --- a/models/models.go +++ b/models/models.go @@ -132,6 +132,7 @@ func init() { new(Project), new(ProjectBoard), new(ProjectIssue), + new(Session), ) gonicNames := []string{"SSL", "UID"} diff --git a/models/session.go b/models/session.go new file mode 100644 index 00000000000..fe363ee4873 --- /dev/null +++ b/models/session.go @@ -0,0 +1,122 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package models + +import ( + "fmt" + + "code.gitea.io/gitea/modules/timeutil" +) + +// Session represents a session compatible for go-chi session +type Session struct { + Key string `xorm:"pk CHAR(16)"` // has to be Key to match with go-chi/session + Data []byte `xorm:"BLOB"` + Expiry timeutil.TimeStamp // has to be Expiry to match with go-chi/session +} + +// UpdateSession updates the session with provided id +func UpdateSession(key string, data []byte) error { + _, err := x.ID(key).Update(&Session{ + Data: data, + Expiry: timeutil.TimeStampNow(), + }) + return err +} + +// ReadSession reads the data for the provided session +func ReadSession(key string) (*Session, error) { + session := Session{ + Key: key, + } + sess := x.NewSession() + defer sess.Close() + if err := sess.Begin(); err != nil { + return nil, err + } + + if has, err := sess.Get(&session); err != nil { + return nil, err + } else if !has { + session.Expiry = timeutil.TimeStampNow() + _, err := sess.Insert(&session) + if err != nil { + return nil, err + } + } + + return &session, sess.Commit() +} + +// ExistSession checks if a session exists +func ExistSession(key string) (bool, error) { + session := Session{ + Key: key, + } + return x.Get(&session) +} + +// DestroySession destroys a session +func DestroySession(key string) error { + _, err := x.Delete(&Session{ + Key: key, + }) + return err +} + +// RegenerateSession regenerates a session from the old id +func RegenerateSession(oldKey, newKey string) (*Session, error) { + sess := x.NewSession() + defer sess.Close() + if err := sess.Begin(); err != nil { + return nil, err + } + + if has, err := sess.Get(&Session{ + Key: newKey, + }); err != nil { + return nil, err + } else if has { + return nil, fmt.Errorf("session Key: %s already exists", newKey) + } + + if has, err := sess.Get(&Session{ + Key: oldKey, + }); err != nil { + return nil, err + } else if !has { + _, err := sess.Insert(&Session{ + Key: oldKey, + Expiry: timeutil.TimeStampNow(), + }) + if err != nil { + return nil, err + } + } + + if _, err := sess.Exec("UPDATE "+sess.Engine().TableName(&Session{})+" SET `key` = ? WHERE `key`=?", newKey, oldKey); err != nil { + return nil, err + } + + s := Session{ + Key: newKey, + } + if _, err := sess.Get(&s); err != nil { + return nil, err + } + + return &s, sess.Commit() +} + +// CountSessions returns the number of sessions +func CountSessions() (int64, error) { + return x.Count(&Session{}) +} + +// CleanupSessions cleans up expired sessions +func CleanupSessions(maxLifetime int64) error { + _, err := x.Where("created_unix <= ?", timeutil.TimeStampNow().Add(-maxLifetime)).Delete(&Session{}) + return err +} diff --git a/modules/session/db.go b/modules/session/db.go new file mode 100644 index 00000000000..db8c01de95f --- /dev/null +++ b/modules/session/db.go @@ -0,0 +1,172 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package session + +import ( + "log" + "sync" + + "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/timeutil" + + "gitea.com/go-chi/session" +) + +// DBStore represents a session store implementation based on the DB. +type DBStore struct { + sid string + lock sync.RWMutex + data map[interface{}]interface{} +} + +// NewDBStore creates and returns a DB session store. +func NewDBStore(sid string, kv map[interface{}]interface{}) *DBStore { + return &DBStore{ + sid: sid, + data: kv, + } +} + +// Set sets value to given key in session. +func (s *DBStore) Set(key, val interface{}) error { + s.lock.Lock() + defer s.lock.Unlock() + + s.data[key] = val + return nil +} + +// Get gets value by given key in session. +func (s *DBStore) Get(key interface{}) interface{} { + s.lock.RLock() + defer s.lock.RUnlock() + + return s.data[key] +} + +// Delete delete a key from session. +func (s *DBStore) Delete(key interface{}) error { + s.lock.Lock() + defer s.lock.Unlock() + + delete(s.data, key) + return nil +} + +// ID returns current session ID. +func (s *DBStore) ID() string { + return s.sid +} + +// Release releases resource and save data to provider. +func (s *DBStore) Release() error { + // Skip encoding if the data is empty + if len(s.data) == 0 { + return nil + } + + data, err := session.EncodeGob(s.data) + if err != nil { + return err + } + + return models.UpdateSession(s.sid, data) +} + +// Flush deletes all session data. +func (s *DBStore) Flush() error { + s.lock.Lock() + defer s.lock.Unlock() + + s.data = make(map[interface{}]interface{}) + return nil +} + +// DBProvider represents a DB session provider implementation. +type DBProvider struct { + maxLifetime int64 +} + +// Init initializes DB session provider. +// connStr: username:password@protocol(address)/dbname?param=value +func (p *DBProvider) Init(maxLifetime int64, connStr string) error { + p.maxLifetime = maxLifetime + return nil +} + +// Read returns raw session store by session ID. +func (p *DBProvider) Read(sid string) (session.RawStore, error) { + s, err := models.ReadSession(sid) + if err != nil { + return nil, err + } + + var kv map[interface{}]interface{} + if len(s.Data) == 0 || s.Expiry.Add(p.maxLifetime) <= timeutil.TimeStampNow() { + kv = make(map[interface{}]interface{}) + } else { + kv, err = session.DecodeGob(s.Data) + if err != nil { + return nil, err + } + } + + return NewDBStore(sid, kv), nil +} + +// Exist returns true if session with given ID exists. +func (p *DBProvider) Exist(sid string) bool { + has, err := models.ExistSession(sid) + if err != nil { + panic("session/DB: error checking existence: " + err.Error()) + } + return has +} + +// Destroy deletes a session by session ID. +func (p *DBProvider) Destroy(sid string) error { + return models.DestroySession(sid) +} + +// Regenerate regenerates a session store from old session ID to new one. +func (p *DBProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { + s, err := models.RegenerateSession(oldsid, sid) + if err != nil { + return nil, err + + } + + var kv map[interface{}]interface{} + if len(s.Data) == 0 || s.Expiry.Add(p.maxLifetime) <= timeutil.TimeStampNow() { + kv = make(map[interface{}]interface{}) + } else { + kv, err = session.DecodeGob(s.Data) + if err != nil { + return nil, err + } + } + + return NewDBStore(sid, kv), nil +} + +// Count counts and returns number of sessions. +func (p *DBProvider) Count() int { + total, err := models.CountSessions() + if err != nil { + panic("session/DB: error counting records: " + err.Error()) + } + return int(total) +} + +// GC calls GC to clean expired sessions. +func (p *DBProvider) GC() { + if err := models.CleanupSessions(p.maxLifetime); err != nil { + log.Printf("session/DB: error garbage collecting: %v", err) + } +} + +func init() { + session.Register("db", &DBProvider{}) +} diff --git a/modules/session/virtual.go b/modules/session/virtual.go index 3da499d71a2..8402d49a775 100644 --- a/modules/session/virtual.go +++ b/modules/session/virtual.go @@ -39,6 +39,8 @@ func (o *VirtualSessionProvider) Init(gclifetime int64, config string) error { o.provider = &session.FileProvider{} case "redis": o.provider = &RedisProvider{} + case "db": + o.provider = &DBProvider{} case "mysql": o.provider = &mysql.MysqlProvider{} case "postgres": diff --git a/modules/setting/session.go b/modules/setting/session.go index 222c246e111..31f876132db 100644 --- a/modules/setting/session.go +++ b/modules/setting/session.go @@ -41,7 +41,7 @@ var ( func newSessionService() { sec := Cfg.Section("session") SessionConfig.Provider = sec.Key("PROVIDER").In("memory", - []string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache"}) + []string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache", "db"}) SessionConfig.ProviderConfig = strings.Trim(sec.Key("PROVIDER_CONFIG").MustString(path.Join(AppDataPath, "sessions")), "\" ") if SessionConfig.Provider == "file" && !filepath.IsAbs(SessionConfig.ProviderConfig) { SessionConfig.ProviderConfig = path.Join(AppWorkPath, SessionConfig.ProviderConfig)