authelia/internal/session/provider_config.go

package session

import (
	"time"

	"github.com/valyala/fasthttp"

	"github.com/authelia/authelia/internal/configuration/schema"
	"github.com/fasthttp/session"
	"github.com/fasthttp/session/memory"
	"github.com/fasthttp/session/redis"
)

// NewProviderConfig creates a configuration for creating the session provider
func NewProviderConfig(configuration schema.SessionConfiguration) ProviderConfig {
	config := session.NewDefaultConfig()

	// Override the cookie name.
	config.CookieName = configuration.Name

	// Set the cookie to the given domain.
	config.Domain = configuration.Domain

	// Only serve the header over HTTPS.
	config.Secure = true

	// TODO(james-d-elliott): Convert to duration notation
	if configuration.Expiration > 0 {
		config.Expires = time.Duration(configuration.Expiration) * time.Second
	} else {
		// If Expiration is 0 then cookie expiration is disabled.
		config.Expires = 0
	}

	// TODO(c.michaud): Make this configurable by giving the list of IPs that are trustable.
	config.IsSecureFunc = func(*fasthttp.RequestCtx) bool {
		return true
	}

	var providerConfig session.ProviderConfig
	var providerName string

	// If redis configuration is provided, then use the redis provider.
	if configuration.Redis != nil {
		providerName = "redis"
		serializer := NewEncryptingSerializer(configuration.Secret)
		providerConfig = &redis.Config{
			Host:     configuration.Redis.Host,
			Port:     configuration.Redis.Port,
			Password: configuration.Redis.Password,
			// DbNumber is the fasthttp/session property for the Redis DB Index
			DbNumber:        configuration.Redis.DatabaseIndex,
			PoolSize:        8,
			IdleTimeout:     300,
			KeyPrefix:       "authelia-session",
			SerializeFunc:   serializer.Encode,
			UnSerializeFunc: serializer.Decode,
		}
	} else { // if no option is provided, use the memory provider.
		providerName = "memory"
		providerConfig = &memory.Config{}
	}
	return ProviderConfig{
		config:         config,
		providerName:   providerName,
		providerConfig: providerConfig,
	}
}
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`package session`

			`import (`
			`"time"`

			`"github.com/valyala/fasthttp"`

Rename org from clems4ever to authelia Also fix references from config.yml to configuration.yml 2019-12-24 02:14:52 +00:00			`"github.com/authelia/authelia/internal/configuration/schema"`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`"github.com/fasthttp/session"`
			`"github.com/fasthttp/session/memory"`
			`"github.com/fasthttp/session/redis"`
			`)`

			`// NewProviderConfig creates a configuration for creating the session provider`
			`func NewProviderConfig(configuration schema.SessionConfiguration) ProviderConfig {`
			`config := session.NewDefaultConfig()`

			`// Override the cookie name.`
			`config.CookieName = configuration.Name`

			`// Set the cookie to the given domain.`
			`config.Domain = configuration.Domain`

			`// Only serve the header over HTTPS.`
			`config.Secure = true`

[FEATURE] Remember Me Configuration (#813) * [FEATURE] Remember Me Configuration * allow users to specify the duration of remember me using remember_me_duration in session config * setting the duration to 0 disables remember me * only render the remember me element if remember me is enabled * prevent malicious users from faking remember me functionality in the backend * add string to duration helper called ParseDurationString to parse a string into a duration * added tests to the helper function * use the SessionProvider to store the time.Duration instead of parsing it over and over again * add sec doc, adjust month/min, consistency * renamed internal/utils/constants.go to internal/utils/const.go to be consistent * added security measure docs * adjusted default remember me duration to be 1 month instead of 1 year * utilize default remember me duration in the autheliaCtx mock * adjust order of keys in session configuration examples * add notes on session security measures secret only being redis * add TODO items for duration notation for both Expiration and Inactivity (will be removed soon) * fix error text for Inactivity in the validator * add session validator tests * deref check bodyJSON.KeepMeLoggedIn and derive the value based on conf and user input and store it (DRY) * remove unnecessary regex for the simplified ParseDurationString utility * ParseDurationString only accepts decimals without leading zeros now * comprehensively test all unit types * remove unnecessary type unions in web * add test to check sanity of time duration consts, this is just so they can't be accidentally changed * simplify deref check and assignment * fix reset password padding/margins * adjust some doc wording * adjust the handler configuration suite test * actually run the handler configuration suite test (whoops) * reduce the number of regex's used by ParseDurationString to 1, thanks to Clement * adjust some error wording 2020-04-03 23:11:33 +00:00			`// TODO(james-d-elliott): Convert to duration notation`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`if configuration.Expiration > 0 {`
			`config.Expires = time.Duration(configuration.Expiration) * time.Second`
			`} else {`
			`// If Expiration is 0 then cookie expiration is disabled.`
			`config.Expires = 0`
			`}`

			`// TODO(c.michaud): Make this configurable by giving the list of IPs that are trustable.`
			`config.IsSecureFunc = func(*fasthttp.RequestCtx) bool {`
			`return true`
			`}`

			`var providerConfig session.ProviderConfig`
			`var providerName string`

			`// If redis configuration is provided, then use the redis provider.`
			`if configuration.Redis != nil {`
			`providerName = "redis"`
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652. 2020-03-28 06:10:39 +00:00			`serializer := NewEncryptingSerializer(configuration.Secret)`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`providerConfig = &redis.Config{`
[FEATURE] Redis DB Index Selection (#653) * [FEATURE] Redis DB Number Selection - Allow users to specify the DB number - This is so users who use their redis for multiple purposes can have clear demarcation between their data * revert: import order * Add default/example to config template with docs * Set DB Index property name to be more clear 2020-02-28 00:14:44 +00:00			`Host: configuration.Redis.Host,`
			`Port: configuration.Redis.Port,`
			`Password: configuration.Redis.Password,`
			`// DbNumber is the fasthttp/session property for the Redis DB Index`
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652. 2020-03-28 06:10:39 +00:00			`DbNumber: configuration.Redis.DatabaseIndex,`
			`PoolSize: 8,`
			`IdleTimeout: 300,`
			`KeyPrefix: "authelia-session",`
			`SerializeFunc: serializer.Encode,`
			`UnSerializeFunc: serializer.Decode,`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`}`
			`} else { // if no option is provided, use the memory provider.`
			`providerName = "memory"`
			`providerConfig = &memory.Config{}`
			`}`
			`return ProviderConfig{`
			`config: config,`
			`providerName: providerName,`
			`providerConfig: providerConfig,`
			`}`
			`}`