feat: use postgres
@@ -5,7 +5,6 @@ package challengestore
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
@@ -26,23 +25,10 @@ const expirationGracePeriod = 5 * time.Minute
|
||||
|
||||
const defaultPreferredLanguage = "en"
|
||||
|
||||
// Config configures one Redis-backed challenge store instance.
|
||||
// Config configures one Redis-backed challenge store instance. The store does
|
||||
// not own its Redis client; the runtime supplies a shared client constructed
|
||||
// via `pkg/redisconn`.
|
||||
type Config struct {
|
||||
// Addr is the Redis network address in host:port form.
|
||||
Addr string
|
||||
|
||||
// Username is the optional Redis ACL username.
|
||||
Username string
|
||||
|
||||
// Password is the optional Redis ACL password.
|
||||
Password string
|
||||
|
||||
// DB is the Redis logical database index.
|
||||
DB int
|
||||
|
||||
// TLSEnabled enables TLS with a conservative minimum protocol version.
|
||||
TLSEnabled bool
|
||||
|
||||
// KeyPrefix is the namespace prefix applied to every challenge key.
|
||||
KeyPrefix string
|
||||
|
||||
@@ -74,13 +60,11 @@ type redisRecord struct {
|
||||
ConfirmedAt *string `json:"confirmed_at,omitempty"`
|
||||
}
|
||||
|
||||
// New constructs a Redis-backed challenge store from cfg.
|
||||
func New(cfg Config) (*Store, error) {
|
||||
if strings.TrimSpace(cfg.Addr) == "" {
|
||||
return nil, errors.New("new redis challenge store: redis addr must not be empty")
|
||||
}
|
||||
if cfg.DB < 0 {
|
||||
return nil, errors.New("new redis challenge store: redis db must not be negative")
|
||||
// New constructs a Redis-backed challenge store that uses client and applies
|
||||
// the namespace and timeout settings from cfg.
|
||||
func New(client *redis.Client, cfg Config) (*Store, error) {
|
||||
if client == nil {
|
||||
return nil, errors.New("new redis challenge store: nil redis client")
|
||||
}
|
||||
if strings.TrimSpace(cfg.KeyPrefix) == "" {
|
||||
return nil, errors.New("new redis challenge store: redis key prefix must not be empty")
|
||||
@@ -89,50 +73,13 @@ func New(cfg Config) (*Store, error) {
|
||||
return nil, errors.New("new redis challenge store: operation timeout must be positive")
|
||||
}
|
||||
|
||||
options := &redis.Options{
|
||||
Addr: cfg.Addr,
|
||||
Username: cfg.Username,
|
||||
Password: cfg.Password,
|
||||
DB: cfg.DB,
|
||||
Protocol: 2,
|
||||
DisableIdentity: true,
|
||||
}
|
||||
if cfg.TLSEnabled {
|
||||
options.TLSConfig = &tls.Config{MinVersion: tls.VersionTLS12}
|
||||
}
|
||||
|
||||
return &Store{
|
||||
client: redis.NewClient(options),
|
||||
client: client,
|
||||
keyPrefix: cfg.KeyPrefix,
|
||||
operationTimeout: cfg.OperationTimeout,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Close releases the underlying Redis client resources.
|
||||
func (s *Store) Close() error {
|
||||
if s == nil || s.client == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
return s.client.Close()
|
||||
}
|
||||
|
||||
// Ping verifies that the configured Redis backend is reachable within the
|
||||
// adapter operation timeout budget.
|
||||
func (s *Store) Ping(ctx context.Context) error {
|
||||
operationCtx, cancel, err := s.operationContext(ctx, "ping redis challenge store")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer cancel()
|
||||
|
||||
if err := s.client.Ping(operationCtx).Err(); err != nil {
|
||||
return fmt.Errorf("ping redis challenge store: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Get returns the stored challenge for challengeID.
|
||||
func (s *Store) Get(ctx context.Context, challengeID common.ChallengeID) (challenge.Challenge, error) {
|
||||
if err := challengeID.Validate(); err != nil {
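Review bot: `New` now trusts the injected `*redis.Client` completely; its only check is `client == nil`, while the removed `redis.Options` block was what set `MinVersion: tls.VersionTLS12` (when `TLSEnabled`), `Protocol: 2` and `DisableIdentity: true`. Challenge records therefore travel over whatever transport and ACL identity the shared client carries, and those guarantees now rest entirely on `pkg/redisconn`, which is not visible in this section. I would state that contract in the doc comment on `New`, for example `// The caller owns client, including its TLS settings, credentials and lifetime; New neither inspects nor closes it.`, and confirm that the shared constructor keeps the TLS 1.2 minimum. `Ping` and `Close` are removed as well, so any readiness probe or shutdown path that called them presumably has to act on the shared client instead. Part of `New` (the operation-timeout check) is elided between the hunks.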
|
||||
|
||||