Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Different stores for many sessions #124

Open
dusansimic opened this issue Sep 16, 2020 · 8 comments
Open

Different stores for many sessions #124

dusansimic opened this issue Sep 16, 2020 · 8 comments

Comments

@dusansimic
Copy link

User can create many sessions using SessionsMany() supplying array of names for sessions. The problem is that the same store is used for that. I'd like to use store A for session A and store B for session B. Could this feature be implemented without breaking current API?
@srbry
Copy link

srbry commented Dec 20, 2021

@dusansimic I have been playing with this in a fork as I needed exactly this.

My use case is:

Cookies for CSRF
Redis for user session

type SessionStore struct {
	Name  string
	Store Store
}

func SessionsMany(sessionStores []SessionStore) gin.HandlerFunc {
	return func(c *gin.Context) {
		sessions := make(map[string]Session, len(sessionStores))
		for _, sessionStore := range sessionStores {
			sessions[sessionStore.Name] = &session{sessionStore.Name, c.Request, sessionStore.Store, nil, false, c.Writer}
		}
		c.Set(DefaultKey, sessions)
		defer context.Clear(c.Request)
		c.Next()
	}
}

It's basically a stand-in replacement for the current SessionsMany although obviously, the types differ so it should probably be a separate helper method to keep backwards compatibility.

An example of using it would be:

	store, err := redis.NewStore(10, "tcp", "localhost:6379", "", []byte("session_secret"), []byte("encryption_secret"))
	if err != nil {
		log.Fatalf("Could not connect to session database: %s", err)
	}
	store.Options(sessions.Options{
		Path:     "/",
		MaxAge:   60 * 60 * 24, // 1 days
		HttpOnly: true,
		Secure:   true,
		SameSite: http.SameSiteStrictMode,
	})

	cookieStore := cookie.NewStore([]byte("session_secret"), []byte("encryption_secret"))
	cookieStore.Options(sessions.Options{
		Path:     "/",
		MaxAge:   60 * 60 * 24 * 30, // 30 days
		HttpOnly: true,
		Secure:   true,
		SameSite: http.SameSiteStrictMode,
	})
		sessionStores := []sessions.SessionStore{
		{
			Name:  "session",
			Store: cookieStore,
		},
		{
			Name:  "user_session",
			Store: store,
		},
	}
	httpRouter.Use(sessions.SessionsMany(sessionStores))

Happy to raise a PR if at least someone else wants this still

@srbry
Copy link

srbry commented Dec 20, 2021

@appleboy Apologies for tagging you directly but you seem to be one of the more active maintainers.

Is this something you would entertain being added? Do you have any preference on a name for the new helper function that would enable it?

@appleboy
Copy link
Member

@srbry Send the PR first.

@srbry srbry mentioned this issue Dec 21, 2021
Open
@srbry
Copy link

srbry commented Dec 21, 2021

@appleboy Sure thing. I have raised: #144

Happy to make any changes if required

@srbry srbry mentioned this issue Dec 21, 2021
Merged
@srbry
Copy link

srbry commented Jan 6, 2022

@appleboy have you had a chance to look at this at all yet?

@appleboy
Copy link
Member

appleboy commented Jan 6, 2022

@srbry I will take a look this weekend.

@avexbesuke
Copy link

@appleboy When can I see this one?

@appleboy
Copy link
Member

appleboy commented Apr 5, 2023

@avexbesuke We need @srbry to fix the conflicts first.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@appleboy @dusansimic @srbry @avexbesuke