Enha: use of sql sessions

2025-07-03 08:15:54 +03:00
parent 130ed3763b
commit e02554b181
10 changed files with 36 additions and 25 deletions
--- a/components/index.html
+++ b/components/index.html
@ -5,6 +5,7 @@
 		{{template "linklogin" .LinkLogin}}
 	{{ else if eq .State.RoomID "" }}
 		<div id="hello-user">
+	<p>data: {{.}} {{.State}} {{.Room}}</p>
 			<p>Hello {{.State.Username}}</p>
 		</div>
 		<div id="create-room" class="create-room-div">
--- a/gralias.db
+++ b/gralias.db
--- a/handlers/actions.go
+++ b/handlers/actions.go
@ -130,10 +130,10 @@ func notifyBotIfNeeded(room *models.Room) {
 func getFullInfoByCtx(ctx context.Context) (*models.FullInfo, error) {
 	resp := &models.FullInfo{}
 	// state, err := getStateByCtx(ctx)
-	// if err != nil {
-	// 	return nil, err
-	// }
 	state, err := getPlayerByCtx(ctx)
+	if err != nil {
+		return nil, err
+	}
 	resp.State = state
 	if state.RoomID == "" {
 		return resp, nil
--- a/handlers/auth.go
+++ b/handlers/auth.go
@ -1,6 +1,7 @@
 package handlers

 import (
+	"context"
 	"crypto/hmac"
 	"crypto/sha256"
 	"encoding/base64"
@ -12,6 +13,7 @@ import (
 	"html/template"
 	"net/http"
 	"strings"
+	"time"
 )

 func abortWithError(w http.ResponseWriter, msg string) {
@ -144,9 +146,10 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 	// expiresAt := time.Now().Add(time.Duration(cfg.SessionLifetime) * time.Second)
 	// Set the token in the session map, along with the session information
 	session := &models.Session{
-		Username:    username,
-		CookieToken: sessionToken,
-		Lifetime:    uint32(cfg.SessionLifetime / 60),
+		Username:  username,
+		TokenKey:  sessionToken,
+		UpdatedAt: time.Now(),
+		Lifetime:  uint32(cfg.SessionLifetime / 60),
 	}
 	cookieName := "session_token"
 	// hmac to protect cookies
@ -173,6 +176,9 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 		log.Info("changing cookie domain", "domain", cookie.Domain)
 	}
 	// set ctx?
+	if err := repo.SessionCreate(context.Background(), session); err != nil {
+		return nil, err
+	}
 	// set user in session
 	if err := cacheSetSession(sessionToken, session); err != nil {
 		return nil, err
--- a/handlers/handlers.go
+++ b/handlers/handlers.go
@ -48,7 +48,10 @@ func HandleHome(w http.ResponseWriter, r *http.Request) {
 		abortWithError(w, err.Error())
 		return
 	}
-	fi, _ := getFullInfoByCtx(r.Context())
+	fi, err := getFullInfoByCtx(r.Context())
+	if err != nil {
+		log.Error("failed to fetch fi", "error", err)
+	}
 	if fi != nil && fi.Room != nil && fi.State != nil {
 		fi.Room.UpdateCounter()
 		if fi.State.Role == "mime" {
--- a/handlers/middleware.go
+++ b/handlers/middleware.go
@ -61,12 +61,12 @@ func GetSession(next http.Handler) http.Handler {
 			next.ServeHTTP(w, r)
 			return
 		}
-		userSession, err := cacheGetSession(sessionToken)
+		userSession, err := repo.SessionByToken(r.Context(), sessionToken)
+		// userSession, err := cacheGetSession(sessionToken)
 		// log.Debug("userSession from cache", "us", userSession)
 		if err != nil {
-			// msg := "auth failed; session does not exists"
-			// err = errors.New(msg)
-			// log.Debug(msg, "error", err)
+			msg := "auth failed; session does not exists"
+			log.Debug(msg, "error", err, "key", sessionToken)
 			next.ServeHTTP(w, r)
 			return
 		}
--- a/migrations/001_initial_schema.up.sql
+++ b/migrations/001_initial_schema.up.sql
@ -72,7 +72,7 @@ CREATE TABLE sessions(
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
    lifetime INTEGER NOT NULL DEFAULT 3600,
-    cookie_token TEXT NOT NULL DEFAULT '', -- encoded value
+    token_key TEXT NOT NULL DEFAULT '' UNIQUE, -- encoded value
    username TEXT NOT NULL,
    FOREIGN KEY (username) REFERENCES players(username)
 );
--- a/models/auth.go
+++ b/models/auth.go
@ -6,19 +6,19 @@ import (

 // each session contains the username of the user and the time at which it expires
 type Session struct {
-	ID uint32
+	ID uint32 `db:"id"`
 	// CurrentRoom string
 	// Expiry      time.Time
-	UpdatedAt   time.Time
-	Lifetime    uint32 // minutes
-	CookieToken string
-	Username    string // username is playerid
+	UpdatedAt time.Time `db:"updated_at"`
+	Lifetime  uint32    `db:"lifetime"` // minutes
+	TokenKey  string    `db:"token_key"`
+	Username  string    `db:"username"` // username is playerid
 }

 // we'll use this method later to determine if the session has expired
 func (s Session) IsExpired() bool {
-	return time.Now().After(s.UpdatedAt.Add(time.Minute * time.Duration(s.Lifetime)))
-	// return s.Expiry.Before(time.Now())
+	// return time.Now().After(s.UpdatedAt.Add(time.Minute * time.Duration(s.Lifetime)))
+	return false
 }

 // func ListUsernames(ss map[string]*Session) []string {
--- a/repos/session.go
+++ b/repos/session.go
@ -19,7 +19,7 @@ func (p *RepoProvider) SessionByToken(ctx context.Context, token string) (*model
 	db := getDB(ctx, p.DB)
 	session := &models.Session{}
 	// The lifetime in the DB is in seconds, but in the model it is in minutes.
-	err := sqlx.GetContext(ctx, db, session, `SELECT id, updated_at, lifetime / 60 as lifetime, cookie_token, username FROM sessions WHERE cookie_token = ?`, token)
+	err := sqlx.GetContext(ctx, db, session, `SELECT id, updated_at, lifetime / 60 as lifetime, token_key, username FROM sessions WHERE token_key = ? LIMIT 1;`, token)
 	if err != nil {
 		return nil, err
 	}
@ -29,21 +29,21 @@ func (p *RepoProvider) SessionByToken(ctx context.Context, token string) (*model
 func (p *RepoProvider) SessionCreate(ctx context.Context, session *models.Session) error {
 	db := getDB(ctx, p.DB)
 	// The lifetime in the model is in minutes, but in the DB it is in seconds.
-	_, err := db.ExecContext(ctx, `INSERT INTO sessions (updated_at, lifetime, cookie_token, username) VALUES (?, ?, ?, ?)`,
-		time.Now(), session.Lifetime*60, session.CookieToken, session.Username)
+	_, err := db.ExecContext(ctx, `INSERT INTO sessions (updated_at, lifetime, token_key, username) VALUES (?, ?, ?, ?) ON CONFLICT (token_key) DO UPDATE SET updated_at=CURRENT_TIMESTAMP, lifetime=excluded.lifetime;`,
+		time.Now(), session.Lifetime*60, session.TokenKey, session.Username)
 	return err
 }

 func (p *RepoProvider) SessionUpdate(ctx context.Context, session *models.Session) error {
 	db := getDB(ctx, p.DB)
 	// The lifetime in the model is in minutes, but in the DB it is in seconds.
-	_, err := db.ExecContext(ctx, `UPDATE sessions SET updated_at = ?, lifetime = ? WHERE cookie_token = ?`,
-		time.Now(), session.Lifetime*60, session.CookieToken)
+	_, err := db.ExecContext(ctx, `UPDATE sessions SET updated_at = ?, lifetime = ? WHERE token_key = ?`,
+		time.Now(), session.Lifetime*60, session.TokenKey)
 	return err
 }

 func (p *RepoProvider) SessionDelete(ctx context.Context, token string) error {
 	db := getDB(ctx, p.DB)
-	_, err := db.ExecContext(ctx, `DELETE FROM sessions WHERE cookie_token = ?`, token)
+	_, err := db.ExecContext(ctx, `DELETE FROM sessions WHERE token_key = ?`, token)
 	return err
 }
--- a/todos.md
+++ b/todos.md
@ -30,6 +30,7 @@
 - clear indication that model (llm) is thinking / answered;
 - possibly turn markings into parts of names of users (first three letters?);
 - at game creation list languages and support them at backend;
+- sql ping goroutine with reconnect on fail;

 #### sse points
 - clue sse update;