apps/photoprism
1
0
Fork 0
mirror of https://github.com/photoprism/photoprism.git synced 2025-10-16 13:51:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
4ea2ab0ddbbbe9a01cb59b893377e9cd5b5cb15a
photoprism/internal/entity/auth_session_cache.go
Michael Mayer 0134c68d2c Config: Add option to change default session cache duration #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-04-17 08:26:35 +02:00

85 lines
2.6 KiB
Go
Raw Blame History

package entity
import (
"fmt"
"time"
gc "github.com/patrickmn/go-cache"
"github.com/photoprism/photoprism/internal/event"
"github.com/photoprism/photoprism/pkg/clean"
"github.com/photoprism/photoprism/pkg/rnd"
)
// SessionCacheDuration specifies how long sessions are cached.
var SessionCacheDuration = 15 * time.Minute
var sessionCache = gc.New(SessionCacheDuration, time.Minute)
// FindSessionByAuthToken finds a session based on the auth token string or returns nil if it does not exist.
func FindSessionByAuthToken(token string) (*Session, error) {
return FindSession(rnd.SessionID(token))
}
// FindSession finds a session based on the id string or returns nil if it does not exist.
func FindSession(id string) (*Session, error) {
found := &Session{}
if !rnd.IsSessionID(id) {
return found, fmt.Errorf("invalid session id")
}
// Find the session in the cache with a fallback to the database.
if cacheData, ok := sessionCache.Get(id); ok && cacheData != nil {
if cached := cacheData.(*Session); !cached.Expired() {
// Set session activity timestamp, also update the last_active column in the sessions table if it is new.
cached.UpdateLastActive(cached.LastActive <= 0)
return cached, nil
} else if err := cached.Delete(); err != nil {
event.AuditErr([]string{cached.IP(), "session %s", "failed to delete after expiration", "%s"}, cached.RefID, err)
}
} else if res := Db().First(&found, "id = ?", id); res.RecordNotFound() {
return found, fmt.Errorf("invalid session")
} else if res.Error != nil {
return found, res.Error
} else if !rnd.IsSessionID(found.ID) {
return found, fmt.Errorf("invalid session id %s", clean.LogQuote(found.ID))
} else if !found.Expired() {
// Set session activity timestamp and update the last_active column in the sessions table.
found.UpdateLastActive(true)
CacheSession(found, SessionCacheDuration)
return found, nil
} else if err := found.Delete(); err != nil {
event.AuditErr([]string{found.IP(), "session %s", "failed to delete after expiration", "%s"}, found.RefID, err)
}
return found, fmt.Errorf("session expired")
}
// FlushSessionCache resets the session cache.
func FlushSessionCache() {
sessionCache.Flush()
}
// CacheSession adds a session to the cache if its ID is valid.
func CacheSession(s *Session, d time.Duration) {
if s == nil {
return
} else if !rnd.IsSessionID(s.ID) {
return
}
if d == 0 {
d = SessionCacheDuration
}
if s.PreviewToken != "" {
PreviewToken.Set(s.PreviewToken, s.ID)
}
if s.DownloadToken != "" {
DownloadToken.Set(s.DownloadToken, s.ID)
}
sessionCache.Set(s.ID, s, d)
}
Reference in New Issue View Git Blame Copy Permalink