package schema
import (
"crypto/tls"
"net/url"
"time"
)
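// Session represents the configuration related to user sessions.
//
// The struct carries secret material: Secret directly, and the redis
// credentials nested under Redis. Every one of those fields has a json tag, so
// marshalling a populated value emits the secrets in clear text; redact them
// before the configuration is logged, dumped or exported.
type Session struct {
	// Cookie settings shared with SessionCookie, squashed into this level of
	// the configuration.
	SessionCookieCommon `koanf:",squash"`

	// Secret is described by its schema tag as the secret used to encrypt the
	// session data; treat it as key material.
	Secret string `koanf:"secret" json:"secret" jsonschema:"title=Secret" jsonschema_description:"Secret used to encrypt the session data"`

	// Cookies lists the per-domain cookie configurations.
	Cookies []SessionCookie `koanf:"cookies" json:"cookies" jsonschema:"title=Cookies" jsonschema_description:"List of cookie domain configurations"`

	// Redis configures the redis session provider.
	// NOTE(review): presumably a nil value selects a non-redis session store;
	// confirm against the provider code.
	Redis *SessionRedis `koanf:"redis" json:"redis" jsonschema:"title=Redis" jsonschema_description:"Redis Session Provider configuration"`

	// Deprecated: Use the cookies options instead.
	Domain string `koanf:"domain" json:"domain" jsonschema:"deprecated"`
}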
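// SessionCookieCommon holds the cookie settings that are embedded (squashed)
// into both Session and SessionCookie.
type SessionCookieCommon struct {
	// Name is the cookie name; the schema default is authelia_session.
	Name string `koanf:"name" json:"name" jsonschema:"default=authelia_session"`

	// SameSite accepts lax, strict or none per the schema enum. Browsers only
	// accept SameSite=None on cookies that also carry the Secure attribute, and
	// the Secure attribute is not configured in this struct.
	SameSite string `koanf:"same_site" json:"same_site" jsonschema:"default=lax,enum=lax,enum=strict,enum=none"`

	// Session lifetimes. The schema defaults are 1 hour, 5 minutes and 30 days
	// respectively.
	Expiration time.Duration `koanf:"expiration" json:"expiration" jsonschema:"default=1 hour"`
	Inactivity time.Duration `koanf:"inactivity" json:"inactivity" jsonschema:"default=5 minutes"`
	RememberMe time.Duration `koanf:"remember_me" json:"remember_me" jsonschema:"default=30 days"`

	// DisableRememberMe declares no struct tags.
	// NOTE(review): presumably derived during validation rather than set
	// directly by the user; confirm against the validator.
	DisableRememberMe bool
}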
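// SessionCookie represents the configuration for a cookie domain.
type SessionCookie struct {
	// Cookie settings shared with Session, squashed into this level of the
	// configuration.
	SessionCookieCommon `koanf:",squash"`

	// Domain is the domain for this session cookie (schema format: hostname).
	Domain string `koanf:"domain" json:"domain" jsonschema:"format=hostname,title=Domain" jsonschema_description:"The domain for this session cookie"`

	// AutheliaURL is the root URL users are redirected to for this cookie.
	// NOTE(review): because it is a redirect target, validation should ensure
	// it uses https and belongs to Domain; that validation is not visible in
	// this file, so confirm it exists.
	AutheliaURL *url.URL `koanf:"authelia_url" json:"authelia_url" jsonschema:"format=uri,title=Authelia URL" jsonschema_description:"The Root Authelia URL to redirect users to for this session cookie"`
}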
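// SessionRedis represents the configuration related to redis session store.
//
// Password is a credential and carries a json tag, so marshalling this struct
// emits it in clear text; redact it before the configuration is logged or
// exported.
type SessionRedis struct {
	// Connection target and credentials.
	Host     string `koanf:"host" json:"host" jsonschema:"title=Host" jsonschema_description:"The redis server host"`
	Port     int    `koanf:"port" json:"port" jsonschema:"default=6379,title=Port" jsonschema_description:"The redis server port"`
	Username string `koanf:"username" json:"username" jsonschema:"title=Username" jsonschema_description:"The redis username"`
	Password string `koanf:"password" json:"password" jsonschema:"title=Password" jsonschema_description:"The redis password"`

	// Database selection and connection pool sizing.
	DatabaseIndex            int `koanf:"database_index" json:"database_index" jsonschema:"default=0,title=Database Index" jsonschema_description:"The redis database index"`
	MaximumActiveConnections int `koanf:"maximum_active_connections" json:"maximum_active_connections" jsonschema:"default=8,title=Maximum Active Connections" jsonschema_description:"The maximum connections that can be made to redis at one time"`
	MinimumIdleConnections   int `koanf:"minimum_idle_connections" json:"minimum_idle_connections" jsonschema:"title=Minimum Idle Connections" jsonschema_description:"The minimum idle connections that should be open to redis"`

	// TLS holds the transport security settings for the redis connection.
	// NOTE(review): presumably a nil value means session data and the redis
	// credentials travel unencrypted; confirm against the provider code.
	TLS *TLS `koanf:"tls" json:"tls"`

	// HighAvailability holds the Redis Cluster/Sentinel settings.
	HighAvailability *SessionRedisHighAvailability `koanf:"high_availability" json:"high_availability"`
}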
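// SessionRedisHighAvailability holds configuration variables for Redis Cluster/Sentinel.
//
// SentinelPassword is a credential and carries a json tag, so marshalling this
// struct emits it in clear text; redact it before the configuration is logged
// or exported.
type SessionRedisHighAvailability struct {
	// Sentinel identity and credentials.
	SentinelName     string `koanf:"sentinel_name" json:"sentinel_name" jsonschema:"title=Sentinel Name" jsonschema_description:"The name of the sentinel instance"`
	SentinelUsername string `koanf:"sentinel_username" json:"sentinel_username" jsonschema:"title=Sentinel Username" jsonschema_description:"The username for the sentinel instance"`
	SentinelPassword string `koanf:"sentinel_password" json:"sentinel_password" jsonschema:"title=Sentinel Password" jsonschema_description:"The password for the sentinel instance"`

	// Routing modes; both default to false in the schema.
	RouteByLatency bool `koanf:"route_by_latency" json:"route_by_latency" jsonschema:"default=false,title=Route by Latency" jsonschema_description:"Uses the Route by Latency mode"`
	RouteRandomly  bool `koanf:"route_randomly" json:"route_randomly" jsonschema:"default=false,title=Route Randomly" jsonschema_description:"Uses the Route Randomly mode"`

	// Nodes is the pre-populated list of sentinel nodes.
	Nodes []SessionRedisHighAvailabilityNode `koanf:"nodes" json:"nodes" jsonschema:"title=Nodes" jsonschema_description:"The pre-populated list of nodes for the sentinel instance"`
}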
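// SessionRedisHighAvailabilityNode represents a single redis sentinel node.
type SessionRedisHighAvailabilityNode struct {
	// Host is the redis sentinel node host.
	Host string `koanf:"host" json:"host" jsonschema:"title=Host" jsonschema_description:"The redis sentinel node host"`

	// Port is the redis sentinel node port; the schema default is 26379.
	Port int `koanf:"port" json:"port" jsonschema:"default=26379,title=Port" jsonschema_description:"The redis sentinel node port"`
}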
// DefaultSessionConfiguration is the default session configuration.
//
// Only the shared cookie settings are populated: the cookie name, a SameSite
// policy of lax, a one hour expiration, a five minute inactivity limit and a
// thirty day remember-me duration.
var DefaultSessionConfiguration = Session{
	SessionCookieCommon: SessionCookieCommon{
		Name:       "authelia_session",
		SameSite:   "lax",
		Expiration: time.Hour,
		Inactivity: 5 * time.Minute,
		RememberMe: 30 * 24 * time.Hour,
	},
}
// DefaultRedisConfiguration is the default redis configuration.
//
// It targets port 6379, allows at most 8 active connections and sets the
// minimum TLS protocol version to TLS 1.2.
// NOTE(review): whether TLS is actually used when no tls section is configured
// is decided outside this file; confirm.
var DefaultRedisConfiguration = SessionRedis{
	TLS: &TLS{
		MinimumVersion: TLSVersion{
			Value: tls.VersionTLS12,
		},
	},
	MaximumActiveConnections: 8,
	Port:                     6379,
}
// DefaultRedisHighAvailabilityConfiguration is the default redis configuration
// that, judging by its name, applies to high availability deployments.
//
// It is a SessionRedis value using port 26379 and a minimum TLS protocol
// version of TLS 1.2; unlike DefaultRedisConfiguration it sets no connection
// limit.
// NOTE(review): whether TLS is actually used when no tls section is configured
// is decided outside this file; confirm.
var DefaultRedisHighAvailabilityConfiguration = SessionRedis{
	TLS: &TLS{
		MinimumVersion: TLSVersion{
			Value: tls.VersionTLS12,
		},
	},
	Port: 26379,
}