From 8ffb773f43c8dc54801ca1d111854e7e881c93c9 Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@miniflux.net>
Date: Sun, 19 Nov 2017 21:10:04 -0800
Subject: First commit

---
 storage/session.go | 125 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 125 insertions(+)
 create mode 100644 storage/session.go

(limited to 'storage/session.go')

diff --git a/storage/session.go b/storage/session.go
new file mode 100644
index 0000000..296711d
--- /dev/null
+++ b/storage/session.go
@@ -0,0 +1,125 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package storage
+
+import (
+	"database/sql"
+	"fmt"
+	"github.com/miniflux/miniflux2/helper"
+	"github.com/miniflux/miniflux2/model"
+)
+
+func (s *Storage) GetSessions(userID int64) (model.Sessions, error) {
+	query := `SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE user_id=$1 ORDER BY id DESC`
+	rows, err := s.db.Query(query, userID)
+	if err != nil {
+		return nil, fmt.Errorf("unable to fetch sessions: %v", err)
+	}
+	defer rows.Close()
+
+	var sessions model.Sessions
+	for rows.Next() {
+		var session model.Session
+		err := rows.Scan(
+			&session.ID,
+			&session.UserID,
+			&session.Token,
+			&session.CreatedAt,
+			&session.UserAgent,
+			&session.IP,
+		)
+
+		if err != nil {
+			return nil, fmt.Errorf("unable to fetch session row: %v", err)
+		}
+
+		sessions = append(sessions, &session)
+	}
+
+	return sessions, nil
+}
+
+func (s *Storage) CreateSession(username, userAgent, ip string) (sessionID string, err error) {
+	var userID int64
+
+	err = s.db.QueryRow("SELECT id FROM users WHERE username = $1", username).Scan(&userID)
+	if err != nil {
+		return "", fmt.Errorf("unable to fetch UserID: %v", err)
+	}
+
+	token := helper.GenerateRandomString(64)
+	query := "INSERT INTO sessions (token, user_id, user_agent, ip) VALUES ($1, $2, $3, $4)"
+	_, err = s.db.Exec(query, token, userID, userAgent, ip)
+	if err != nil {
+		return "", fmt.Errorf("unable to create session: %v", err)
+	}
+
+	s.SetLastLogin(userID)
+
+	return token, nil
+}
+
+func (s *Storage) GetSessionByToken(token string) (*model.Session, error) {
+	var session model.Session
+
+	query := "SELECT id, user_id, token, created_at, user_agent, ip FROM sessions WHERE token = $1"
+	err := s.db.QueryRow(query, token).Scan(
+		&session.ID,
+		&session.UserID,
+		&session.Token,
+		&session.CreatedAt,
+		&session.UserAgent,
+		&session.IP,
+	)
+
+	if err == sql.ErrNoRows {
+		return nil, fmt.Errorf("session not found: %s", token)
+	} else if err != nil {
+		return nil, fmt.Errorf("unable to fetch session: %v", err)
+	}
+
+	return &session, nil
+}
+
+func (s *Storage) RemoveSessionByToken(userID int64, token string) error {
+	result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND token=$2`, userID, token)
+	if err != nil {
+		return fmt.Errorf("unable to remove this session: %v", err)
+	}
+
+	count, err := result.RowsAffected()
+	if err != nil {
+		return fmt.Errorf("unable to remove this session: %v", err)
+	}
+
+	if count != 1 {
+		return fmt.Errorf("nothing has been removed")
+	}
+
+	return nil
+}
+
+func (s *Storage) RemoveSessionByID(userID, sessionID int64) error {
+	result, err := s.db.Exec(`DELETE FROM sessions WHERE user_id=$1 AND id=$2`, userID, sessionID)
+	if err != nil {
+		return fmt.Errorf("unable to remove this session: %v", err)
+	}
+
+	count, err := result.RowsAffected()
+	if err != nil {
+		return fmt.Errorf("unable to remove this session: %v", err)
+	}
+
+	if count != 1 {
+		return fmt.Errorf("nothing has been removed")
+	}
+
+	return nil
+}
+
+func (s *Storage) FlushAllSessions() (err error) {
+	_, err = s.db.Exec(`delete from sessions`)
+	return
+}
-- 
cgit v1.2.3