Add notes for the new lead maintainer of the open-source iris project and align with @get-ion/ion by @hiveminded

Former-commit-id: da4f38eb9034daa49446df3ee529423b98f9b331

sessions/sessions.go

@@ -1,94 +1,48 @@
-// Copyright 2017 Gerasimos Maropoulos, ΓΜ. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
 package sessions
 
 import (
 	"net/http"
 	"strings"
 	"time"
+
+	"github.com/kataras/iris/context"
 )
 
-type (
-
-	// Sessions must be implemented within a session manager.
-	//
-	// A Sessions should be responsible to Start a sesion based
-	// on raw http.ResponseWriter and http.Request, which should return
-	// a compatible Session interface, type. If the external session manager
-	// doesn't qualifies, then the user should code the rest of the functions with empty implementation.
-	//
-	// Sessions should be responsible to Destroy a session based
-	// on the http.ResponseWriter and http.Request, this function should works individually.
-	Sessions interface {
-		// Start should start the session for the particular net/http request.
-		Start(http.ResponseWriter, *http.Request) Session
-
-		// Destroy should kills the net/http session and remove the associated cookie.
-		Destroy(http.ResponseWriter, *http.Request)
-	} // Sessions is being implemented by Manager
-
-	// Session should expose the Sessions's end-user API.
-	// This will be returned at the sess := context.Session().
-	Session interface {
-		ID() string
-		Get(string) interface{}
-		HasFlash() bool
-		GetFlash(string) interface{}
-		GetString(key string) string
-		GetFlashString(string) string
-		GetInt(key string) (int, error)
-		GetInt64(key string) (int64, error)
-		GetFloat32(key string) (float32, error)
-		GetFloat64(key string) (float64, error)
-		GetBoolean(key string) (bool, error)
-		GetAll() map[string]interface{}
-		GetFlashes() map[string]interface{}
-		VisitAll(cb func(k string, v interface{}))
-		Set(string, interface{})
-		SetImmutable(key string, value interface{})
-		SetFlash(string, interface{})
-		Delete(string) bool
-		DeleteFlash(string)
-		Clear()
-		ClearFlashes()
-	} // Session is being implemented inside session.go
-
-	// Manager implements the Sessions interface which Iris uses to start and destroy a session from its Context.
-	Manager struct {
-		config   Config
-		provider *provider
-	}
-)
+// A Sessions manager should be responsible to Start a sesion, based
+// on a Context, which should return
+// a compatible Session interface, type. If the external session manager
+// doesn't qualifies, then the user should code the rest of the functions with empty implementation.
+//
+// Sessions should be responsible to Destroy a session based
+// on the Context.
+type Sessions struct {
+	config   Config
+	provider *provider
+}
 
 // New returns a new fast, feature-rich sessions manager
-// it can be adapted to an Iris station
-func New(cfg Config) *Manager {
-	return &Manager{
+// it can be adapted to an iris station
+func New(cfg Config) *Sessions {
+	return &Sessions{
 		config:   cfg.Validate(),
 		provider: newProvider(),
 	}
 }
 
-var _ Sessions = &Manager{}
-
 // UseDatabase adds a session database to the manager's provider,
 // a session db doesn't have write access
-func (s *Manager) UseDatabase(db Database) {
+func (s *Sessions) UseDatabase(db Database) {
 	s.provider.RegisterDatabase(db)
 }
 
-// Start starts the session for the particular net/http request
-func (s *Manager) Start(res http.ResponseWriter, req *http.Request) Session {
-	var sess Session
-
-	cookieValue := GetCookie(s.config.Cookie, req)
+// Start should start the session for the particular request.
+func (s *Sessions) Start(ctx context.Context) *Session {
+	cookieValue := GetCookie(ctx, s.config.Cookie)
 
 	if cookieValue == "" { // cookie doesn't exists, let's generate a session and add set a cookie
 		sid := s.config.SessionIDGenerator()
 
-		sess = s.provider.Init(sid, s.config.Expires)
+		sess := s.provider.Init(sid, s.config.Expires)
 		cookie := &http.Cookie{}
 
 		// The RFC makes no mention of encoding url value, so here I think to encode both sessionid key and the value using the safe(to put and to use as cookie) url-encoding
@@ -98,7 +52,7 @@ func (s *Manager) Start(res http.ResponseWriter, req *http.Request) Session {
 		cookie.Path = "/"
 		if !s.config.DisableSubdomainPersistence {
 
-			requestDomain := req.URL.Host
+			requestDomain := ctx.Request().URL.Host
 			if portIdx := strings.IndexByte(requestDomain, ':'); portIdx > 0 {
 				requestDomain = requestDomain[0:portIdx]
 			}
@@ -125,8 +79,8 @@ func (s *Manager) Start(res http.ResponseWriter, req *http.Request) Session {
 				// finally set the .localhost.com (for(1-level) || .mysubdomain.localhost.com (for 2-level subdomain allow)
 				cookie.Domain = "." + requestDomain // . to allow persistence
 			}
-
 		}
+
 		cookie.HttpOnly = true
 		// MaxAge=0 means no 'Max-Age' attribute specified.
 		// MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'
@@ -142,33 +96,33 @@ func (s *Manager) Start(res http.ResponseWriter, req *http.Request) Session {
 
 		// set the cookie to secure if this is a tls wrapped request
 		// and the configuration allows it.
-		if req.TLS != nil && s.config.CookieSecureTLS {
+		if ctx.Request().TLS != nil && s.config.CookieSecureTLS {
 			cookie.Secure = true
 		}
 
 		// encode the session id cookie client value right before send it.
 		cookie.Value = s.encodeCookieValue(cookie.Value)
+		AddCookie(ctx, cookie)
 
-		AddCookie(cookie, res)
-	} else {
-
-		cookieValue = s.decodeCookieValue(cookieValue)
-
-		sess = s.provider.Read(cookieValue, s.config.Expires)
+		return sess
 	}
+
+	cookieValue = s.decodeCookieValue(cookieValue)
+	sess := s.provider.Read(cookieValue, s.config.Expires)
 	return sess
+
 }
 
 // Destroy remove the session data and remove the associated cookie.
-func (s *Manager) Destroy(res http.ResponseWriter, req *http.Request) {
-	cookieValue := GetCookie(s.config.Cookie, req)
+func (s *Sessions) Destroy(ctx context.Context) {
+	cookieValue := GetCookie(ctx, s.config.Cookie)
 	// decode the client's cookie value in order to find the server's session id
 	// to destroy the session data.
 	cookieValue = s.decodeCookieValue(cookieValue)
 	if cookieValue == "" { // nothing to destroy
 		return
 	}
-	RemoveCookie(s.config.Cookie, res, req)
+	RemoveCookie(ctx, s.config.Cookie)
 
 	s.provider.Destroy(cookieValue)
 }
@@ -181,19 +135,19 @@ func (s *Manager) Destroy(res http.ResponseWriter, req *http.Request) {
 //
 // Note: the sid should be the original one (i.e: fetched by a store )
 // it's not decoded.
-func (s *Manager) DestroyByID(sid string) {
+func (s *Sessions) DestroyByID(sid string) {
 	s.provider.Destroy(sid)
 }
 
 // DestroyAll removes all sessions
 // from the server-side memory (and database if registered).
 // Client's session cookie will still exist but it will be reseted on the next request.
-func (s *Manager) DestroyAll() {
+func (s *Sessions) DestroyAll() {
 	s.provider.DestroyAll()
 }
 
 // let's keep these funcs simple, we can do it with two lines but we may add more things in the future.
-func (s *Manager) decodeCookieValue(cookieValue string) string {
+func (s *Sessions) decodeCookieValue(cookieValue string) string {
 	var cookieValueDecoded *string
 	if decode := s.config.Decode; decode != nil {
 		err := decode(s.config.Cookie, cookieValue, &cookieValueDecoded)
@@ -206,7 +160,7 @@ func (s *Manager) decodeCookieValue(cookieValue string) string {
 	return cookieValue
 }
 
-func (s *Manager) encodeCookieValue(cookieValue string) string {
+func (s *Sessions) encodeCookieValue(cookieValue string) string {
 	if encode := s.config.Encode; encode != nil {
 		newVal, err := encode(s.config.Cookie, cookieValue)
 		if err == nil {