feat: use postgres
This commit is contained in:
Ilia Denisov
@@ -5,7 +5,6 @@ package sessionstore
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
@@ -24,23 +23,10 @@ import (
|
||||
|
||||
const mutationRetryLimit = 3
|
||||
|
||||
// Config configures one Redis-backed session store instance.
|
||||
// Config configures one Redis-backed session store instance. The store does
|
||||
// not own its Redis client; the runtime supplies a shared client constructed
|
||||
// via `pkg/redisconn`.
|
||||
type Config struct {
|
||||
// Addr is the Redis network address in host:port form.
|
||||
Addr string
|
||||
|
||||
// Username is the optional Redis ACL username.
|
||||
Username string
|
||||
|
||||
// Password is the optional Redis ACL password.
|
||||
Password string
|
||||
|
||||
// DB is the Redis logical database index.
|
||||
DB int
|
||||
|
||||
// TLSEnabled enables TLS with a conservative minimum protocol version.
|
||||
TLSEnabled bool
|
||||
|
||||
// SessionKeyPrefix is the namespace prefix applied to primary session keys.
|
||||
SessionKeyPrefix string
|
||||
|
||||
@@ -78,13 +64,12 @@ type redisRecord struct {
|
||||
RevokeActorID string `json:"revoke_actor_id,omitempty"`
|
||||
}
|
||||
|
||||
// New constructs a Redis-backed session store from cfg.
|
||||
func New(cfg Config) (*Store, error) {
|
||||
// New constructs a Redis-backed session store that uses client and applies
|
||||
// the namespace and timeout settings from cfg.
|
||||
func New(client *redis.Client, cfg Config) (*Store, error) {
|
||||
switch {
|
||||
case strings.TrimSpace(cfg.Addr) == "":
|
||||
return nil, errors.New("new redis session store: redis addr must not be empty")
|
||||
case cfg.DB < 0:
|
||||
return nil, errors.New("new redis session store: redis db must not be negative")
|
||||
case client == nil:
|
||||
return nil, errors.New("new redis session store: nil redis client")
|
||||
case strings.TrimSpace(cfg.SessionKeyPrefix) == "":
|
||||
return nil, errors.New("new redis session store: session key prefix must not be empty")
|
||||
case strings.TrimSpace(cfg.UserSessionsKeyPrefix) == "":
|
||||
@@ -95,20 +80,8 @@ func New(cfg Config) (*Store, error) {
|
||||
return nil, errors.New("new redis session store: operation timeout must be positive")
|
||||
}
|
||||
|
||||
options := &redis.Options{
|
||||
Addr: cfg.Addr,
|
||||
Username: cfg.Username,
|
||||
Password: cfg.Password,
|
||||
DB: cfg.DB,
|
||||
Protocol: 2,
|
||||
DisableIdentity: true,
|
||||
}
|
||||
if cfg.TLSEnabled {
|
||||
options.TLSConfig = &tls.Config{MinVersion: tls.VersionTLS12}
|
||||
}
|
||||
|
||||
return &Store{
|
||||
client: redis.NewClient(options),
|
||||
client: client,
|
||||
sessionKeyPrefix: cfg.SessionKeyPrefix,
|
||||
userSessionsKeyPrefix: cfg.UserSessionsKeyPrefix,
|
||||
userActiveSessionsKeyPrefix: cfg.UserActiveSessionsKeyPrefix,
|
||||
@@ -116,31 +89,6 @@ func New(cfg Config) (*Store, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Close releases the underlying Redis client resources.
|
||||
func (s *Store) Close() error {
|
||||
if s == nil || s.client == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
return s.client.Close()
|
||||
}
|
||||
|
||||
// Ping verifies that the configured Redis backend is reachable within the
|
||||
// adapter operation timeout budget.
|
||||
func (s *Store) Ping(ctx context.Context) error {
|
||||
operationCtx, cancel, err := s.operationContext(ctx, "ping redis session store")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer cancel()
|
||||
|
||||
if err := s.client.Ping(operationCtx).Err(); err != nil {
|
||||
return fmt.Errorf("ping redis session store: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Get returns the stored session for deviceSessionID.
|
||||
func (s *Store) Get(ctx context.Context, deviceSessionID common.DeviceSessionID) (devicesession.Session, error) {
|
||||
if err := deviceSessionID.Validate(); err != nil {
|
||||
|
||||
@@ -13,10 +13,26 @@ import (
|
||||
"galaxy/authsession/internal/ports"
|
||||
|
||||
"github.com/alicebob/miniredis/v2"
|
||||
"github.com/redis/go-redis/v9"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func newRedisClient(t *testing.T, server *miniredis.Miniredis) *redis.Client {
|
||||
t.Helper()
|
||||
|
||||
client := redis.NewClient(&redis.Options{
|
||||
Addr: server.Addr(),
|
||||
Protocol: 2,
|
||||
DisableIdentity: true,
|
||||
})
|
||||
t.Cleanup(func() {
|
||||
assert.NoError(t, client.Close())
|
||||
})
|
||||
|
||||
return client
|
||||
}
|
||||
|
||||
func TestStoreContract(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
@@ -32,49 +48,27 @@ func TestNew(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
server := miniredis.RunT(t)
|
||||
client := newRedisClient(t, server)
|
||||
|
||||
validCfg := Config{
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
}
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
client *redis.Client
|
||||
cfg Config
|
||||
wantErr string
|
||||
}{
|
||||
{name: "valid config", client: client, cfg: validCfg},
|
||||
{name: "nil client", client: nil, cfg: validCfg, wantErr: "nil redis client"},
|
||||
{
|
||||
name: "valid config",
|
||||
name: "empty session prefix",
|
||||
client: client,
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
DB: 1,
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "empty addr",
|
||||
cfg: Config{
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
},
|
||||
wantErr: "redis addr must not be empty",
|
||||
},
|
||||
{
|
||||
name: "negative db",
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
DB: -1,
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
},
|
||||
wantErr: "redis db must not be negative",
|
||||
},
|
||||
{
|
||||
name: "empty session prefix",
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
@@ -82,9 +76,9 @@ func TestNew(t *testing.T) {
|
||||
wantErr: "session key prefix must not be empty",
|
||||
},
|
||||
{
|
||||
name: "empty all sessions prefix",
|
||||
name: "empty all sessions prefix",
|
||||
client: client,
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
@@ -92,9 +86,9 @@ func TestNew(t *testing.T) {
|
||||
wantErr: "user sessions key prefix must not be empty",
|
||||
},
|
||||
{
|
||||
name: "empty active sessions prefix",
|
||||
name: "empty active sessions prefix",
|
||||
client: client,
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
OperationTimeout: 250 * time.Millisecond,
|
||||
@@ -102,9 +96,9 @@ func TestNew(t *testing.T) {
|
||||
wantErr: "user active sessions key prefix must not be empty",
|
||||
},
|
||||
{
|
||||
name: "non positive timeout",
|
||||
name: "non positive timeout",
|
||||
client: client,
|
||||
cfg: Config{
|
||||
Addr: server.Addr(),
|
||||
SessionKeyPrefix: "authsession:session:",
|
||||
UserSessionsKeyPrefix: "authsession:user-sessions:",
|
||||
UserActiveSessionsKeyPrefix: "authsession:user-active-sessions:",
|
||||
@@ -114,12 +108,10 @@ func TestNew(t *testing.T) {
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
tt := tt
|
||||
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
store, err := New(tt.cfg)
|
||||
store, err := New(tt.client, tt.cfg)
|
||||
if tt.wantErr != "" {
|
||||
require.Error(t, err)
|
||||
assert.ErrorContains(t, err, tt.wantErr)
|
||||
@@ -127,22 +119,11 @@ func TestNew(t *testing.T) {
|
||||
}
|
||||
|
||||
require.NoError(t, err)
|
||||
t.Cleanup(func() {
|
||||
assert.NoError(t, store.Close())
|
||||
})
|
||||
require.NotNil(t, store)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestStorePing(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
server := miniredis.RunT(t)
|
||||
store := newTestStore(t, server, Config{})
|
||||
|
||||
require.NoError(t, store.Ping(context.Background()))
|
||||
}
|
||||
|
||||
func TestStoreCreateAndGetActive(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
@@ -558,9 +539,6 @@ func TestStoreRevokeAllByUserIDDetectsCorruptActiveIndex(t *testing.T) {
|
||||
func newTestStore(t *testing.T, server *miniredis.Miniredis, cfg Config) *Store {
|
||||
t.Helper()
|
||||
|
||||
if cfg.Addr == "" {
|
||||
cfg.Addr = server.Addr()
|
||||
}
|
||||
if cfg.SessionKeyPrefix == "" {
|
||||
cfg.SessionKeyPrefix = "authsession:session:"
|
||||
}
|
||||
@@ -574,13 +552,9 @@ func newTestStore(t *testing.T, server *miniredis.Miniredis, cfg Config) *Store
|
||||
cfg.OperationTimeout = 250 * time.Millisecond
|
||||
}
|
||||
|
||||
store, err := New(cfg)
|
||||
store, err := New(newRedisClient(t, server), cfg)
|
||||
require.NoError(t, err)
|
||||
|
||||
t.Cleanup(func() {
|
||||
assert.NoError(t, store.Close())
|
||||
})
|
||||
|
||||
return store
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user