Use SQL transaction when creating user sessions
This commit is contained in:
parent
7be9f5989e
commit
60a7362327
4 changed files with 27 additions and 11 deletions
|
@ -55,21 +55,37 @@ func (s *Storage) UserSessions(userID int64) (model.UserSessions, error) {
|
||||||
return sessions, nil
|
return sessions, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// CreateUserSession creates a new sessions.
|
// CreateUserSessionFromUsername creates a new user session.
|
||||||
func (s *Storage) CreateUserSession(username, userAgent, ip string) (sessionID string, userID int64, err error) {
|
func (s *Storage) CreateUserSessionFromUsername(username, userAgent, ip string) (sessionID string, userID int64, err error) {
|
||||||
query := `SELECT id FROM users WHERE username = LOWER($1)`
|
token := crypto.GenerateRandomString(64)
|
||||||
err = s.db.QueryRow(query, username).Scan(&userID)
|
|
||||||
|
tx, err := s.db.Begin()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
return "", 0, fmt.Errorf(`store: unable to start transaction: %v`, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = tx.QueryRow(`SELECT id FROM users WHERE username = LOWER($1)`, username).Scan(&userID)
|
||||||
|
if err != nil {
|
||||||
|
tx.Rollback()
|
||||||
return "", 0, fmt.Errorf(`store: unable to fetch user ID: %v`, err)
|
return "", 0, fmt.Errorf(`store: unable to fetch user ID: %v`, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
token := crypto.GenerateRandomString(64)
|
_, err = tx.Exec(
|
||||||
query = `INSERT INTO user_sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)`
|
`INSERT INTO user_sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)`,
|
||||||
_, err = s.db.Exec(query, token, userID, userAgent, ip)
|
token,
|
||||||
|
userID,
|
||||||
|
userAgent,
|
||||||
|
ip,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
tx.Rollback()
|
||||||
return "", 0, fmt.Errorf(`store: unable to create user session: %v`, err)
|
return "", 0, fmt.Errorf(`store: unable to create user session: %v`, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if err := tx.Commit(); err != nil {
|
||||||
|
return "", 0, fmt.Errorf(`store: unable to commit transaction: %v`, err)
|
||||||
|
}
|
||||||
|
|
||||||
return token, userID, nil
|
return token, userID, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -35,7 +35,7 @@ func (h *handler) checkLogin(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
sessionToken, userID, err := h.store.CreateUserSession(authForm.Username, r.UserAgent(), clientIP)
|
sessionToken, userID, err := h.store.CreateUserSessionFromUsername(authForm.Username, r.UserAgent(), clientIP)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
html.ServerError(w, r, err)
|
html.ServerError(w, r, err)
|
||||||
return
|
return
|
||||||
|
|
|
@ -204,7 +204,7 @@ func (m *middleware) handleAuthProxy(next http.Handler) http.Handler {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sessionToken, _, err := m.store.CreateUserSession(user.Username, r.UserAgent(), clientIP)
|
sessionToken, _, err := m.store.CreateUserSessionFromUsername(user.Username, r.UserAgent(), clientIP)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
html.ServerError(w, r, err)
|
html.ServerError(w, r, err)
|
||||||
return
|
return
|
||||||
|
|
|
@ -114,7 +114,7 @@ func (h *handler) oauth2Callback(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sessionToken, _, err := h.store.CreateUserSession(user.Username, r.UserAgent(), clientIP)
|
sessionToken, _, err := h.store.CreateUserSessionFromUsername(user.Username, r.UserAgent(), clientIP)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
html.ServerError(w, r, err)
|
html.ServerError(w, r, err)
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in a new issue