session

type CookieBackend struct {
	sync.Mutex
	// contains filtered or unexported fields
}

type CookieSession struct {
	// contains filtered or unexported fields
}

type NoopSession struct{}

type Session interface {
	// Add a key to the session. Depending on the backend, this may call
	// Restore(). This should not be used with the serializer methods, and
	// implementations should enforce such behavior.
	Add(key string, value interface{})

	// Get a key from the session. If the serializer methods have been used,
	// implementations should return nill.
	Get(key string) interface{}

	// Serialize data to the session. Useful for storing predefined structs,
	// etc. Backends may use whatever serialization method they prefer, but most
	// will probably marshal the input to JSON. This method should NOT be used
	// in conjunection with Add() or Get().
	//
	// Serialize() is provided for more strongly typing session data.
	Serialize(v interface{}) error

	// Unserialize data from the session. The same caveats apply here that apply
	// to Serialize(), and this should not be used in conjunection with sessions
	// that are using Add() and Get().
	Unserialize(v interface{}) error

	// Restore sessions using Add() and Get(). Restore() isn't called by the
	// session registry as it is up to implementations to decide precisely how
	// restoration functionality should interact with the serializers.
	Restore() map[string]interface{}

	// Save the session or its metadata to a cookie. For cookie-backed sessions,
	// this will save the entire session state to a cookie; for others, this
	// should save a unique identifier that allows the session to be restored
	// from elsewhere.
	//
	// This method will be called in the BeforeResponse handler to ensure that
	// cookie data is written out to the HTTP headers and is called regardless
	// of persistence method (Add/Get vs Serialize/Unserialize).
	Save()
}

type SessionBackend int

type SessionConfig struct {
	// Backend controls which backend may be configured for session
	// management. If this value isn't set, it defaults to SessionNoopBackend
	// treating sessions as a noop. Note that some values may require additional
	// dependencies. In particular, enabling the cookie backend will require
	// KeyStar.
	//
	// Dependencies are further gated in the compiled binary via build flags.
	Backend SessionBackend

	// CookieOptions configures the session cookie to dispatch to the browser.
	CookieOptions *http.Cookie

	// DSN for backends that require datasource configuration.
	//
	// See the documentation for individual backends for a description of how
	// this is used.
	DSN string

	// Key used to encrypt/decrypt the session cookie. If this is greater than
	// 32 bytes, the remainder is used as the HMAC key. Note that the HMAC key
	// can be specified separately.
	Key []byte

	// HMACKey used to sign and verify the session cookie. A key length of 64
	// bytes is recommended as per[1]
	//
	// [1] https://tools.ietf.org/html/rfc4868#section-2.6
	HMACKey []byte

	// PlainText toggles off cookie encryption if true. This flag should only
	// ever be enabled for debugging or testing.
	//
	// This flag cannot be enabled unless development mode is turned on.
	//
	// Note: Not all backends support encryption.
	PlainText bool
}

type SessionFactory func(*SessionConfig) SessionMaster

type SessionMaster interface {
	NewSession(w http.ResponseWriter, r *http.Request) Session
}