4
0

session.go 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. // Copyright 2017 Frédéric Guillot. All rights reserved.
  2. // Use of this source code is governed by the Apache 2.0
  3. // license that can be found in the LICENSE file.
  4. package storage
  5. import (
  6. "database/sql"
  7. "fmt"
  8. "github.com/miniflux/miniflux2/helper"
  9. "github.com/miniflux/miniflux2/model"
  10. )
  11. func (s *Storage) GetSessions(userID int64) (model.Sessions, error) {
  12. query := `SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE user_id=$1 ORDER BY id DESC`
  13. rows, err := s.db.Query(query, userID)
  14. if err != nil {
  15. return nil, fmt.Errorf("unable to fetch sessions: %v", err)
  16. }
  17. defer rows.Close()
  18. var sessions model.Sessions
  19. for rows.Next() {
  20. var session model.Session
  21. err := rows.Scan(
  22. &session.ID,
  23. &session.UserID,
  24. &session.Token,
  25. &session.CreatedAt,
  26. &session.UserAgent,
  27. &session.IP,
  28. )
  29. if err != nil {
  30. return nil, fmt.Errorf("unable to fetch session row: %v", err)
  31. }
  32. sessions = append(sessions, &session)
  33. }
  34. return sessions, nil
  35. }
  36. func (s *Storage) CreateSession(username, userAgent, ip string) (sessionID string, err error) {
  37. var userID int64
  38. err = s.db.QueryRow("SELECT id FROM users WHERE username = $1", username).Scan(&userID)
  39. if err != nil {
  40. return "", fmt.Errorf("unable to fetch UserID: %v", err)
  41. }
  42. token := helper.GenerateRandomString(64)
  43. query := "INSERT INTO sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)"
  44. _, err = s.db.Exec(query, token, userID, userAgent, ip)
  45. if err != nil {
  46. return "", fmt.Errorf("unable to create session: %v", err)
  47. }
  48. s.SetLastLogin(userID)
  49. return token, nil
  50. }
  51. func (s *Storage) GetSessionByToken(token string) (*model.Session, error) {
  52. var session model.Session
  53. query := "SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE token = $1"
  54. err := s.db.QueryRow(query, token).Scan(
  55. &session.ID,
  56. &session.UserID,
  57. &session.Token,
  58. &session.CreatedAt,
  59. &session.UserAgent,
  60. &session.IP,
  61. )
  62. if err == sql.ErrNoRows {
  63. return nil, fmt.Errorf("session not found: %s", token)
  64. } else if err != nil {
  65. return nil, fmt.Errorf("unable to fetch session: %v", err)
  66. }
  67. return &session, nil
  68. }
  69. func (s *Storage) RemoveSessionByToken(userID int64, token string) error {
  70. result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND token=$2`, userID, token)
  71. if err != nil {
  72. return fmt.Errorf("unable to remove this session: %v", err)
  73. }
  74. count, err := result.RowsAffected()
  75. if err != nil {
  76. return fmt.Errorf("unable to remove this session: %v", err)
  77. }
  78. if count != 1 {
  79. return fmt.Errorf("nothing has been removed")
  80. }
  81. return nil
  82. }
  83. func (s *Storage) RemoveSessionByID(userID, sessionID int64) error {
  84. result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND id=$2`, userID, sessionID)
  85. if err != nil {
  86. return fmt.Errorf("unable to remove this session: %v", err)
  87. }
  88. count, err := result.RowsAffected()
  89. if err != nil {
  90. return fmt.Errorf("unable to remove this session: %v", err)
  91. }
  92. if count != 1 {
  93. return fmt.Errorf("nothing has been removed")
  94. }
  95. return nil
  96. }
  97. func (s *Storage) FlushAllSessions() (err error) {
  98. _, err = s.db.Exec(`delete from sessions`)
  99. return
  100. }