use redis as a session store backend (#119)

* support for custom github endpoints * implementing requested changes * using redis for session store if it is configured * using non-deprecated sessions lib * hard-coding redis session store private key for multiple instances * re-working GetPrivateKey to return stastic key only when redis is used * making config entries for redis sesion db and shared key
7 years ago · eea341793f
6 changed files with 40 additions and 13 deletions
--- a/config/example.yaml
+++ b/config/example.yaml
@ -28,3 +28,5 @@ Redis:
  MaxRetries: 3         # maximum number of retries for a failed redis command
  ReadTimeout: 3s       # timeout for read operations; default is 3s. This is a golang time.ParseDuration string
  WriteTimeout: 3s      # timeout for write operations; default is 3s. This is a golang time.ParseDuration string
+  SessionDB: 1          # redis session store index (https://redis.io/commands/select); optional; default is 1
+  SharedKey: replace me # redis session store shared key; optional; default is "secret"
--- a/deployments/cloudfoundry/run.sh
+++ b/deployments/cloudfoundry/run.sh
@ -13,6 +13,7 @@ fi
 if [ "$REDIS" != "" ]; then
    export GUS_REDIS_HOST="$(echo $VCAP_SERVICES | jq -r '.["'$REDIS_SERVICE_NAME'"][0].credentials.host'):$(echo $VCAP_SERVICES | jq -r '.["'$REDIS_SERVICE_NAME'"][0].credentials.port')"
    export GUS_REDIS_PASSWORD="$(echo $VCAP_SERVICES | jq -r '.["'$REDIS_SERVICE_NAME'"][0].credentials.password')"
+    export GUS_REDIS_SHARED_KEY=$GUS_REDIS_PASSWORD
 fi

 echo "#### Starting golang-url-shortener..."
--- a/internal/handlers/auth.go
+++ b/internal/handlers/auth.go
@ -9,14 +9,22 @@ import (
 	"github.com/sirupsen/logrus"

 	jwt "github.com/dgrijalva/jwt-go"
-	"github.com/gin-gonic/contrib/sessions"
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/cookie"
+	"github.com/gin-contrib/sessions/redis"
 	"github.com/gin-gonic/gin"
 	"github.com/pkg/errors"
 )

 func (h *Handler) initOAuth() {
-	h.engine.Use(sessions.Sessions("backend", sessions.NewCookieStore(util.GetPrivateKey())))
-
+	switch backend := util.GetConfig().Backend; backend {
+	// use redis as the session store if it is configured
+	case "redis":
+		store, _ := redis.NewStoreWithDB(10, "tcp", util.GetConfig().Redis.Host, util.GetConfig().Redis.Password, util.GetConfig().Redis.SessionDB, util.GetPrivateKey())
+		h.engine.Use(sessions.Sessions("backend", store))
+	default:
+		h.engine.Use(sessions.Sessions("backend", cookie.NewStore(util.GetPrivateKey())))
+	}
 	h.providers = []string{}
 	google := util.GetConfig().Google
 	if google.Enabled() {
@ -39,7 +47,14 @@ func (h *Handler) initOAuth() {

 // initProxyAuth intializes data structures for proxy authentication mode
 func (h *Handler) initProxyAuth() {
-	h.engine.Use(sessions.Sessions("backend", sessions.NewCookieStore(util.GetPrivateKey())))
+	switch backend := util.GetConfig().Backend; backend {
+	// use redis as the session store if it is configured
+	case "redis":
+		store, _ := redis.NewStoreWithDB(10, "tcp", util.GetConfig().Redis.Host, util.GetConfig().Redis.Password, util.GetConfig().Redis.SessionDB, util.GetPrivateKey())
+		h.engine.Use(sessions.Sessions("backend", store))
+	default:
+		h.engine.Use(sessions.Sessions("backend", cookie.NewStore(util.GetPrivateKey())))
+	}
 	h.providers = []string{}
 	h.providers = append(h.providers, "proxy")
 	h.engine.POST("/api/v1/auth/check", h.handleAuthCheck)
--- a/internal/handlers/auth/auth.go
+++ b/internal/handlers/auth/auth.go
@ -8,7 +8,7 @@ import (
 	"time"

 	jwt "github.com/dgrijalva/jwt-go"
-	"github.com/gin-gonic/contrib/sessions"
+	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 	"github.com/mxschmitt/golang-url-shortener/internal/util"
 	"github.com/pkg/errors"
--- a/internal/util/config.go
+++ b/internal/util/config.go
@ -38,6 +38,8 @@ type redisConf struct {
 	MaxRetries   int    `yaml:"MaxRetries" env:"MAX_RETRIES"`
 	ReadTimeout  string `yaml:"ReadTimeout" env:"READ_TIMEOUT"`
 	WriteTimeout string `yaml:"WriteTimeout" env:"WRITE_TIMEOUT"`
+	SessionDB    string `yaml:"SessionDB" env:"SESSION_DB"`
+	SharedKey    string `yaml:"SharedKey" env:"SHARED_KEY"`
 }

 type oAuthConf struct {
@ -52,7 +54,7 @@ type proxyAuthConf struct {
 	DisplayNameHeader string `yaml:"DisplayNameHeader" env:"DISPLAY_NAME_HEADER"`
 }

-// config contains the default values
+// Config contains the default values
 var Config = Configuration{
 	ListenAddr:       ":8080",
 	BaseURL:          "http://localhost:3000",
@ -69,6 +71,8 @@ var Config = Configuration{
 		MaxRetries:   3,
 		ReadTimeout:  "3s",
 		WriteTimeout: "3s",
+		SessionDB:    "1",
+		SharedKey:    "secret",
 	},
 }

--- a/internal/util/private.go
+++ b/internal/util/private.go
@ -35,5 +35,10 @@ func CheckForPrivateKey() error {

 // GetPrivateKey returns the private key
 func GetPrivateKey() []byte {
+	switch backend := GetConfig().Backend; backend {
+	case "redis":
+		return []byte(GetConfig().Redis.SharedKey)
+	default:
 		return privateKey
 	}
+}