71 lines
2.0 KiB
Go
71 lines
2.0 KiB
Go
package platform
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
)
|
|
|
|
// ErrSessionNotFound is the error messages for a missing sessions.
|
|
const ErrSessionNotFound = "session not found"
|
|
|
|
// ErrSessionExpired is the error message for expired sessions.
|
|
const ErrSessionExpired = "session has expired"
|
|
|
|
var (
|
|
// OpFindSession represents the operation that looks for sessions.
|
|
OpFindSession = "FindSession"
|
|
// OpExpireSession represents the operation that expires sessions.
|
|
OpExpireSession = "ExpireSession"
|
|
// OpCreateSession represents the operation that creates a session for a given user.
|
|
OpCreateSession = "CreateSession"
|
|
)
|
|
|
|
// Session is a user session.
|
|
type Session struct {
|
|
// ID is only required for auditing purposes.
|
|
ID ID `json:"id"`
|
|
Key string `json:"key"`
|
|
CreatedAt time.Time `json:"createdAt"`
|
|
ExpiresAt time.Time `json:"expiresAt"`
|
|
UserID ID `json:"userID,omitempty"`
|
|
Permissions []Permission `json:"permissions,omitempty"`
|
|
}
|
|
|
|
// Expired returns an error if the session is expired.
|
|
func (s *Session) Expired() error {
|
|
if time.Now().After(s.ExpiresAt) {
|
|
return fmt.Errorf(ErrSessionExpired)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// Allowed returns true if the authorization is unexpired and request permission
|
|
// exists in the sessions list of permissions.
|
|
func (s *Session) Allowed(p Permission) bool {
|
|
if err := s.Expired(); err != nil {
|
|
return false
|
|
}
|
|
|
|
return PermissionAllowed(p, s.Permissions)
|
|
}
|
|
|
|
// Kind returns session and is used for auditing.
|
|
func (s *Session) Kind() string { return "session" }
|
|
|
|
// Identifier returns the sessions ID and is used for auditing.
|
|
func (s *Session) Identifier() ID { return s.ID }
|
|
|
|
// GetUserID returns the user id.
|
|
func (s *Session) GetUserID() ID {
|
|
return s.UserID
|
|
}
|
|
|
|
// SessionService represents a service for managing user sessions.
|
|
type SessionService interface {
|
|
FindSession(ctx context.Context, key string) (*Session, error)
|
|
ExpireSession(ctx context.Context, key string) error
|
|
CreateSession(ctx context.Context, user string) (*Session, error)
|
|
}
|