feat: use postgres

authsession/internal/config/config.go

@@ -11,10 +11,13 @@ import (
 
 	"galaxy/authsession/internal/api/internalhttp"
 	"galaxy/authsession/internal/api/publichttp"
+	"galaxy/redisconn"
 
 	"go.uber.org/zap/zapcore"
 )
 
+const authsessionRedisEnvPrefix = "AUTHSESSION"
+
 const (
 	shutdownTimeoutEnvVar = "AUTHSESSION_SHUTDOWN_TIMEOUT"
 	logLevelEnvVar        = "AUTHSESSION_LOG_LEVEL"
@@ -31,13 +34,6 @@ const (
 	internalHTTPIdleTimeoutEnvVar       = "AUTHSESSION_INTERNAL_HTTP_IDLE_TIMEOUT"
 	internalHTTPRequestTimeoutEnvVar    = "AUTHSESSION_INTERNAL_HTTP_REQUEST_TIMEOUT"
 
-	redisAddrEnvVar             = "AUTHSESSION_REDIS_ADDR"
-	redisUsernameEnvVar         = "AUTHSESSION_REDIS_USERNAME"
-	redisPasswordEnvVar         = "AUTHSESSION_REDIS_PASSWORD"
-	redisDBEnvVar               = "AUTHSESSION_REDIS_DB"
-	redisTLSEnabledEnvVar       = "AUTHSESSION_REDIS_TLS_ENABLED"
-	redisOperationTimeoutEnvVar = "AUTHSESSION_REDIS_OPERATION_TIMEOUT"
-
 	redisChallengeKeyPrefixEnvVar               = "AUTHSESSION_REDIS_CHALLENGE_KEY_PREFIX"
 	redisSessionKeyPrefixEnvVar                 = "AUTHSESSION_REDIS_SESSION_KEY_PREFIX"
 	redisUserSessionsKeyPrefixEnvVar            = "AUTHSESSION_REDIS_USER_SESSIONS_KEY_PREFIX"
@@ -67,8 +63,6 @@ const (
 
 	defaultShutdownTimeout                  = 5 * time.Second
 	defaultLogLevel                         = "info"
-	defaultRedisDB                          = 0
-	defaultRedisOperationTimeout            = 250 * time.Millisecond
 	defaultChallengeKeyPrefix               = "authsession:challenge:"
 	defaultSessionKeyPrefix                 = "authsession:session:"
 	defaultUserSessionsKeyPrefix            = "authsession:user-sessions:"
@@ -128,23 +122,10 @@ type LoggingConfig struct {
 
 // RedisConfig configures the Redis-backed authsession adapters.
 type RedisConfig struct {
-	// Addr is the shared Redis address used by the authsession adapters.
-	Addr string
-
-	// Username is the optional Redis ACL username.
-	Username string
-
-	// Password is the optional Redis ACL password.
-	Password string
-
-	// DB is the Redis logical database index.
-	DB int
-
-	// TLSEnabled configures whether Redis connections use TLS.
-	TLSEnabled bool
-
-	// OperationTimeout bounds each adapter Redis round trip.
-	OperationTimeout time.Duration
+	// Conn carries the master/replica/password connection topology shared by
+	// every authsession Redis adapter, sourced from the AUTHSESSION_REDIS_*
+	// environment variables managed by `pkg/redisconn`.
+	Conn redisconn.Config
 
 	// ChallengeKeyPrefix namespaces the challenge source-of-truth records.
 	ChallengeKeyPrefix string
@@ -248,8 +229,7 @@ func DefaultConfig() Config {
 		PublicHTTP:   publichttp.DefaultConfig(),
 		InternalHTTP: internalhttp.DefaultConfig(),
 		Redis: RedisConfig{
-			DB:                               defaultRedisDB,
-			OperationTimeout:                 defaultRedisOperationTimeout,
+			Conn:                             redisconn.DefaultConfig(),
 			ChallengeKeyPrefix:               defaultChallengeKeyPrefix,
 			SessionKeyPrefix:                 defaultSessionKeyPrefix,
 			UserSessionsKeyPrefix:            defaultUserSessionsKeyPrefix,
@@ -329,21 +309,11 @@ func LoadFromEnv() (Config, error) {
 		return Config{}, fmt.Errorf("load authsession config: %w", err)
 	}
 
-	cfg.Redis.Addr = loadStringEnvWithDefault(redisAddrEnvVar, cfg.Redis.Addr)
-	cfg.Redis.Username = os.Getenv(redisUsernameEnvVar)
-	cfg.Redis.Password = os.Getenv(redisPasswordEnvVar)
-	cfg.Redis.DB, err = loadIntEnvWithDefault(redisDBEnvVar, cfg.Redis.DB)
-	if err != nil {
-		return Config{}, fmt.Errorf("load authsession config: %w", err)
-	}
-	cfg.Redis.TLSEnabled, err = loadBoolEnvWithDefault(redisTLSEnabledEnvVar, cfg.Redis.TLSEnabled)
-	if err != nil {
-		return Config{}, fmt.Errorf("load authsession config: %w", err)
-	}
-	cfg.Redis.OperationTimeout, err = loadDurationEnvWithDefault(redisOperationTimeoutEnvVar, cfg.Redis.OperationTimeout)
+	redisConn, err := redisconn.LoadFromEnv(authsessionRedisEnvPrefix)
 	if err != nil {
 		return Config{}, fmt.Errorf("load authsession config: %w", err)
 	}
+	cfg.Redis.Conn = redisConn
 	cfg.Redis.ChallengeKeyPrefix = loadStringEnvWithDefault(redisChallengeKeyPrefixEnvVar, cfg.Redis.ChallengeKeyPrefix)
 	cfg.Redis.SessionKeyPrefix = loadStringEnvWithDefault(redisSessionKeyPrefixEnvVar, cfg.Redis.SessionKeyPrefix)
 	cfg.Redis.UserSessionsKeyPrefix = loadStringEnvWithDefault(redisUserSessionsKeyPrefixEnvVar, cfg.Redis.UserSessionsKeyPrefix)
@@ -404,15 +374,13 @@ func LoadFromEnv() (Config, error) {
 // Validate reports whether cfg contains a consistent authsession process
 // configuration.
 func (cfg Config) Validate() error {
-	switch {
-	case cfg.ShutdownTimeout <= 0:
+	if cfg.ShutdownTimeout <= 0 {
 		return fmt.Errorf("load authsession config: %s must be positive", shutdownTimeoutEnvVar)
-	case strings.TrimSpace(cfg.Redis.Addr) == "":
-		return fmt.Errorf("load authsession config: %s must not be empty", redisAddrEnvVar)
-	case cfg.Redis.DB < 0:
-		return fmt.Errorf("load authsession config: %s must not be negative", redisDBEnvVar)
-	case cfg.Redis.OperationTimeout <= 0:
-		return fmt.Errorf("load authsession config: %s must be positive", redisOperationTimeoutEnvVar)
+	}
+	if err := cfg.Redis.Conn.Validate(); err != nil {
+		return fmt.Errorf("load authsession config: redis: %w", err)
+	}
+	switch {
 	case strings.TrimSpace(cfg.Redis.ChallengeKeyPrefix) == "":
 		return fmt.Errorf("load authsession config: %s must not be empty", redisChallengeKeyPrefixEnvVar)
 	case strings.TrimSpace(cfg.Redis.SessionKeyPrefix) == "":