Sky/Moonshark
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

session rewrite

Browse Source
This commit is contained in:
Sky Johnson 2025-04-09 20:47:22 -05:00
parent 5ebcd97662
commit 85b0551e70
3 changed files with 155 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/http/Server.go
View File

@ -225,13 +225,12 @@ func (s *Server) handleLuaRoute(ctx *fasthttp.RequestCtx, bytecode []byte, scrip
return return
} }
// Save session if modified // Update session if modified
if response.SessionModified { if response.SessionModified {
// Update session data
for k, v := range response.SessionData { for k, v := range response.SessionData {
session.Set(k, v) session.Set(k, v)
} }
s.sessionManager.SaveSession(session)
s.sessionManager.ApplySessionCookie(ctx, session) s.sessionManager.ApplySessionCookie(ctx, session)
} }

229
core/sessions/Manager.go
View File

@ -1,46 +1,43 @@
package sessions package sessions
import ( import (
"Moonshark/core/utils/logger"
"crypto/rand" "crypto/rand"
"encoding/base64" "encoding/base64"
"sync" "sync"
"time" "time"
"github.com/VictoriaMetrics/fastcache"
"github.com/goccy/go-json"
"github.com/valyala/fasthttp" "github.com/valyala/fasthttp"
) )
const ( const (
// Default settings DefaultMaxSessions = 10000
DefaultMaxSize = 100 * 1024 * 1024 // 100MB default cache size DefaultCookieName = "MoonsharkSID"
DefaultCookieName = "MoonsharkSID" DefaultCookiePath = "/"
DefaultCookiePath = "/" DefaultMaxAge = 86400 // 1 day in seconds
DefaultMaxAge = 86400 // 1 day in seconds
) )
// SessionManager handles multiple sessions using fastcache for storage // SessionManager handles multiple sessions
type SessionManager struct { type SessionManager struct {
cache *fastcache.Cache sessions map[string]*Session
maxSessions int
cookieName string cookieName string
cookiePath string cookiePath string
cookieDomain string cookieDomain string
cookieSecure bool cookieSecure bool
cookieHTTPOnly bool cookieHTTPOnly bool
cookieMaxAge int cookieMaxAge int
mu sync.RWMutex // Only for cookie settings mu sync.RWMutex
} }
// NewSessionManager creates a new session manager with optional cache size // NewSessionManager creates a new session manager
func NewSessionManager(maxSize ...int) *SessionManager { func NewSessionManager(maxSessions int) *SessionManager {
size := DefaultMaxSize if maxSessions <= 0 {
if len(maxSize) > 0 && maxSize[0] > 0 { maxSessions = DefaultMaxSessions
size = maxSize[0]
} }
return &SessionManager{ return &SessionManager{
cache: fastcache.New(size), sessions: make(map[string]*Session, maxSessions),
maxSessions: maxSessions,
cookieName: DefaultCookieName, cookieName: DefaultCookieName,
cookiePath: DefaultCookiePath, cookiePath: DefaultCookiePath,
cookieHTTPOnly: true, cookieHTTPOnly: true,
@ -48,7 +45,7 @@ func NewSessionManager(maxSize ...int) *SessionManager {
} }
} }
// generateSessionID creates a cryptographically secure random session ID // generateSessionID creates a random session ID
func generateSessionID() string { func generateSessionID() string {
b := make([]byte, 32) b := make([]byte, 32)
if _, err := rand.Read(b); err != nil { if _, err := rand.Read(b); err != nil {
@ -59,59 +56,136 @@ func generateSessionID() string {
// GetSession retrieves a session by ID, or creates a new one if it doesn't exist // GetSession retrieves a session by ID, or creates a new one if it doesn't exist
func (sm *SessionManager) GetSession(id string) *Session { func (sm *SessionManager) GetSession(id string) *Session {
// Check if session exists // Try to get an existing session
data := sm.cache.Get(nil, []byte(id)) if id != "" {
sm.mu.RLock()
session, exists := sm.sessions[id]
sm.mu.RUnlock()
if len(data) > 0 { if exists {
logger.Debug("Getting session %s", id) // Check if session is expired
if session.IsExpired() {
// Session exists, unmarshal it sm.mu.Lock()
session := &Session{} delete(sm.sessions, id)
if err := json.Unmarshal(data, session); err == nil { sm.mu.Unlock()
// Initialize mutex properly } else {
session.mu = sync.RWMutex{} // Update last used time
session.UpdateLastUsed()
// Update last accessed time return session
session.UpdatedAt = time.Now() }
// Store back with updated timestamp
updatedData, _ := json.Marshal(session)
sm.cache.Set([]byte(id), updatedData)
return session
} }
} }
logger.Debug("Session doesn't exist; creating it") // Create a new session
return sm.CreateSession()
// Create new session
session := NewSession(id)
data, _ = json.Marshal(session)
sm.cache.Set([]byte(id), data)
return session
} }
// CreateSession generates a new session with a unique ID // CreateSession generates a new session with a unique ID
func (sm *SessionManager) CreateSession() *Session { func (sm *SessionManager) CreateSession() *Session {
id := generateSessionID() id := generateSessionID()
session := NewSession(id, sm.cookieMaxAge)
session := NewSession(id) sm.mu.Lock()
data, _ := json.Marshal(session) // Enforce session limit - evict LRU if needed
sm.cache.Set([]byte(id), data) if len(sm.sessions) >= sm.maxSessions {
sm.evictLRU()
}
sm.sessions[id] = session
sm.mu.Unlock()
return session return session
} }
// SaveSession persists a session back to the cache // evictLRU removes the least recently used session
func (sm *SessionManager) SaveSession(session *Session) { func (sm *SessionManager) evictLRU() {
data, _ := json.Marshal(session) // Called with mutex already held
sm.cache.Set([]byte(session.ID), data) if len(sm.sessions) == 0 {
return
}
var oldestID string
var oldestTime time.Time
// Find oldest session
for id, session := range sm.sessions {
if oldestID == "" || session.LastUsed.Before(oldestTime) {
oldestID = id
oldestTime = session.LastUsed
}
}
if oldestID != "" {
delete(sm.sessions, oldestID)
}
} }
// DestroySession removes a session // DestroySession removes a session
func (sm *SessionManager) DestroySession(id string) { func (sm *SessionManager) DestroySession(id string) {
sm.cache.Del([]byte(id)) sm.mu.Lock()
defer sm.mu.Unlock()
delete(sm.sessions, id)
}
// CleanupExpired removes all expired sessions
func (sm *SessionManager) CleanupExpired() int {
removed := 0
now := time.Now()
sm.mu.Lock()
defer sm.mu.Unlock()
for id, session := range sm.sessions {
if now.After(session.Expiry) {
delete(sm.sessions, id)
removed++
}
}
return removed
}
// SetCookieOptions configures cookie parameters
func (sm *SessionManager) SetCookieOptions(name, path, domain string, secure, httpOnly bool, maxAge int) {
sm.mu.Lock()
defer sm.mu.Unlock()
sm.cookieName = name
sm.cookiePath = path
sm.cookieDomain = domain
sm.cookieSecure = secure
sm.cookieHTTPOnly = httpOnly
sm.cookieMaxAge = maxAge
}
// GetSessionFromRequest extracts the session from a request
func (sm *SessionManager) GetSessionFromRequest(ctx *fasthttp.RequestCtx) *Session {
cookie := ctx.Request.Header.Cookie(sm.cookieName)
if len(cookie) == 0 {
return sm.CreateSession()
}
return sm.GetSession(string(cookie))
}
// ApplySessionCookie adds the session cookie to the response
func (sm *SessionManager) ApplySessionCookie(ctx *fasthttp.RequestCtx, session *Session) {
cookie := fasthttp.AcquireCookie()
defer fasthttp.ReleaseCookie(cookie)
cookie.SetKey(sm.cookieName)
cookie.SetValue(session.ID)
cookie.SetPath(sm.cookiePath)
cookie.SetHTTPOnly(sm.cookieHTTPOnly)
cookie.SetMaxAge(sm.cookieMaxAge)
if sm.cookieDomain != "" {
cookie.SetDomain(sm.cookieDomain)
}
cookie.SetSecure(sm.cookieSecure)
ctx.Response.Header.SetCookie(cookie)
} }
// CookieOptions returns the cookie options for this session manager // CookieOptions returns the cookie options for this session manager
@ -129,52 +203,5 @@ func (sm *SessionManager) CookieOptions() map[string]any {
} }
} }
// SetCookieOptions configures cookie parameters
func (sm *SessionManager) SetCookieOptions(name, path, domain string, secure, httpOnly bool, maxAge int) {
sm.mu.Lock()
defer sm.mu.Unlock()
sm.cookieName = name
sm.cookiePath = path
sm.cookieDomain = domain
sm.cookieSecure = secure
sm.cookieHTTPOnly = httpOnly
sm.cookieMaxAge = maxAge
}
// GetSessionFromRequest extracts the session from a request context
func (sm *SessionManager) GetSessionFromRequest(ctx *fasthttp.RequestCtx) *Session {
cookie := ctx.Request.Header.Cookie(sm.cookieName)
if len(cookie) == 0 {
// No session cookie, create a new session
return sm.CreateSession()
}
// Session cookie exists, get the session
return sm.GetSession(string(cookie))
}
// SaveSessionToResponse adds the session cookie to an HTTP response
func (sm *SessionManager) ApplySessionCookie(ctx *fasthttp.RequestCtx, session *Session) {
cookie := fasthttp.AcquireCookie()
defer fasthttp.ReleaseCookie(cookie)
sm.mu.RLock()
cookie.SetKey(sm.cookieName)
cookie.SetValue(session.ID)
cookie.SetPath(sm.cookiePath)
cookie.SetHTTPOnly(sm.cookieHTTPOnly)
cookie.SetMaxAge(sm.cookieMaxAge)
if sm.cookieDomain != "" {
cookie.SetDomain(sm.cookieDomain)
}
cookie.SetSecure(sm.cookieSecure)
sm.mu.RUnlock()
ctx.Response.Header.SetCookie(cookie)
}
// GlobalSessionManager is the default session manager instance // GlobalSessionManager is the default session manager instance
var GlobalSessionManager = NewSessionManager() var GlobalSessionManager = NewSessionManager(DefaultMaxSessions)

116
core/sessions/Session.go
View File

@ -1,41 +1,31 @@
package sessions package sessions
import ( import (
"errors"
"sync" "sync"
"time" "time"
"github.com/goccy/go-json"
)
const (
DefaultMaxValueSize = 256 * 1024 // 256KB per value
)
var (
ErrValueTooLarge = errors.New("session value exceeds size limit")
) )
// Session stores data for a single user session // Session stores data for a single user session
type Session struct { type Session struct {
ID string `json:"id"` ID string
Data map[string]any `json:"data"` Data map[string]any
CreatedAt time.Time `json:"created_at"` CreatedAt time.Time
UpdatedAt time.Time `json:"updated_at"` UpdatedAt time.Time
mu sync.RWMutex `json:"-"` LastUsed time.Time
maxValueSize int `json:"max_value_size"` Expiry time.Time
totalDataSize int `json:"total_data_size"` mu sync.RWMutex
} }
// NewSession creates a new session with the given ID // NewSession creates a new session with the given ID
func NewSession(id string) *Session { func NewSession(id string, maxAge int) *Session {
now := time.Now() now := time.Now()
return &Session{ return &Session{
ID: id, ID: id,
Data: make(map[string]any), Data: make(map[string]any),
CreatedAt: now, CreatedAt: now,
UpdatedAt: now, UpdatedAt: now,
maxValueSize: DefaultMaxValueSize, LastUsed: now,
Expiry: now.Add(time.Duration(maxAge) * time.Second),
} }
} }
@ -47,65 +37,17 @@ func (s *Session) Get(key string) any {
} }
// Set stores a value in the session // Set stores a value in the session
func (s *Session) Set(key string, value any) error { func (s *Session) Set(key string, value any) {
// Estimate value size
size, err := estimateSize(value)
if err != nil {
return err
}
// Check against limit
if size > s.maxValueSize {
return ErrValueTooLarge
}
s.mu.Lock() s.mu.Lock()
defer s.mu.Unlock() defer s.mu.Unlock()
// If replacing, subtract old value size
if oldVal, exists := s.Data[key]; exists {
oldSize, _ := estimateSize(oldVal)
s.totalDataSize -= oldSize
}
s.Data[key] = value s.Data[key] = value
s.totalDataSize += size
s.UpdatedAt = time.Now() s.UpdatedAt = time.Now()
return nil
}
// SetMaxValueSize changes the maximum allowed value size
func (s *Session) SetMaxValueSize(bytes int) {
s.mu.Lock()
defer s.mu.Unlock()
s.maxValueSize = bytes
}
// GetMaxValueSize returns the current max value size
func (s *Session) GetMaxValueSize() int {
s.mu.RLock()
defer s.mu.RUnlock()
return s.maxValueSize
}
// GetTotalSize returns the estimated total size of all session data
func (s *Session) GetTotalSize() int {
s.mu.RLock()
defer s.mu.RUnlock()
return s.totalDataSize
} }
// Delete removes a value from the session // Delete removes a value from the session
func (s *Session) Delete(key string) { func (s *Session) Delete(key string) {
s.mu.Lock() s.mu.Lock()
defer s.mu.Unlock() defer s.mu.Unlock()
// Update size tracking
if oldVal, exists := s.Data[key]; exists {
oldSize, _ := estimateSize(oldVal)
s.totalDataSize -= oldSize
}
delete(s.Data, key) delete(s.Data, key)
s.UpdatedAt = time.Now() s.UpdatedAt = time.Now()
} }
@ -115,7 +57,6 @@ func (s *Session) Clear() {
s.mu.Lock() s.mu.Lock()
defer s.mu.Unlock() defer s.mu.Unlock()
s.Data = make(map[string]any) s.Data = make(map[string]any)
s.totalDataSize = 0
s.UpdatedAt = time.Now() s.UpdatedAt = time.Now()
} }
@ -124,7 +65,6 @@ func (s *Session) GetAll() map[string]any {
s.mu.RLock() s.mu.RLock()
defer s.mu.RUnlock() defer s.mu.RUnlock()
// Create a copy to avoid concurrent map access issues
copy := make(map[string]any, len(s.Data)) copy := make(map[string]any, len(s.Data))
for k, v := range s.Data { for k, v := range s.Data {
copy[k] = v copy[k] = v
@ -133,20 +73,14 @@ func (s *Session) GetAll() map[string]any {
return copy return copy
} }
// estimateSize approximates the memory footprint of a value // IsExpired checks if the session has expired
func estimateSize(v any) (int, error) { func (s *Session) IsExpired() bool {
// Fast path for common types return time.Now().After(s.Expiry)
switch val := v.(type) { }
case string:
return len(val), nil // UpdateLastUsed updates the last used time
case []byte: func (s *Session) UpdateLastUsed() {
return len(val), nil s.mu.Lock()
} s.LastUsed = time.Now()
s.mu.Unlock()
// For other types, use JSON serialization as approximation
data, err := json.Marshal(v)
if err != nil {
return 0, err
}
return len(data), nil
} }