redis sessions

go.mod

@@ -6,7 +6,10 @@ require github.com/go-ldap/ldap/v3 v3.4.13
 
 require (
 	github.com/Azure/go-ntlmssp v0.1.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
 	github.com/google/uuid v1.6.0 // indirect
+	github.com/redis/go-redis/v9 v9.20.0 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
 	golang.org/x/crypto v0.48.0 // indirect
 )

go.sum

@@ -2,6 +2,8 @@ github.com/Azure/go-ntlmssp v0.1.0 h1:DjFo6YtWzNqNvQdrwEyr/e4nhU3vRiwenz5QX7sFz+
 github.com/Azure/go-ntlmssp v0.1.0/go.mod h1:NYqdhxd/8aAct/s4qSYZEerdPuH1liG2/X9DiVTbhpk=
 github.com/alexbrainman/sspi v0.0.0-20250919150558-7d374ff0d59e h1:4dAU9FXIyQktpoUAgOJK3OTFc/xug0PCXYCqU0FgDKI=
 github.com/alexbrainman/sspi v0.0.0-20250919150558-7d374ff0d59e/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo=
@@ -30,8 +32,12 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ
 github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/redis/go-redis/v9 v9.20.0 h1:WnQYxLkgO2xiXTCJY0ldIiI8dNqCDlQAG+AtaH7a2a0=
+github.com/redis/go-redis/v9 v9.20.0/go.mod h1:v/M13XI1PVCDcm01VtPFOADfZtHf8YW3baQf57KlIkA=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
+go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
 golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=

src/main/main.go

@@ -213,7 +213,7 @@ func changePasswordHandler(w http.ResponseWriter, r *http.Request) {
 func main() {
 	logging.Info("Starting the server")
 	sessionManager = session.GetSessionManager()
-	sessionManager.SetStoreType(session.InMemory)
+	sessionManager.SetStoreType(session.Redis)
 
 	var err error
 	serverConfig, err = loadServerConfig("./data/config.json")

src/session/session_errors.go

@@ -5,3 +5,4 @@ import "errors"
 var ErrSessionNotFound = errors.New("session not found")
 var ErrSessionAlreadyExists = errors.New("session already exists")
 var ErrSessionExpired = errors.New("session expired")
+var ErrSessionBackend = errors.New("session backend")

src/session/session_manager.go

@@ -21,6 +21,7 @@ type StoreType int
 
 const (
 	InMemory StoreType = iota
+	Redis
 )
 
 func GetSessionManager() *SessionManager {
@@ -38,6 +39,11 @@ func (manager *SessionManager) SetStoreType(storeType StoreType) {
 			manager.store = NewMemoryStore()
 			break
 		}
+	case Redis:
+		{
+			manager.store = NewRedisStore()
+			break
+		}
 	}
 }
 

src/session/session_redis.go

@@ -0,0 +1,117 @@
+package session
+
+import (
+	"context"
+	"encoding/json"
+	"time"
+
+	"astraltech.xyz/accountmanager/src/logging"
+	"github.com/redis/go-redis/v9"
+)
+
+type RedisStore struct {
+	client *redis.Client
+	ctx    context.Context
+}
+
+func NewRedisStore() *RedisStore {
+	logging.Debug("Creating new redis session store")
+
+	// this will be replaced with a URL that can be parsed in the config file
+	redis_server := "redis://localhost:6379/0"
+
+	opts, err := redis.ParseURL(redis_server)
+	if err != nil {
+		logging.Errorf("Failed to parse redis url %s", err.Error())
+	}
+
+	rdb := redis.NewClient(opts)
+
+	ctx := context.Background()
+	if err := rdb.Ping(ctx).Err(); err != nil {
+		logging.Errorf("Failed to connect to redis server %s", redis_server)
+	} else {
+		logging.Infof("Successfully connected to redis server %s", redis_server)
+	}
+
+	store := &RedisStore{
+		client: rdb,
+		ctx:    ctx,
+	}
+	return store
+}
+
+// 	return rdb.Set(ctx, key, data, 0).Err()
+
+func (m *RedisStore) Create(sessionID string, session *SessionData) (err error) {
+	hashedSession := hashSession(sessionID)
+
+	data, err := json.Marshal(*session)
+	if err != nil {
+		return ErrSessionBackend
+	}
+
+	created, err := m.client.SetNX(m.ctx, hashedSession, data, time.Hour).Result()
+	if err != nil {
+		logging.Error(err.Error())
+		return ErrSessionBackend
+	}
+
+	if !created {
+		return ErrSessionAlreadyExists
+	}
+	return nil
+}
+func (m *RedisStore) Get(sessionID string) (*SessionData, error) {
+	hashed := hashSession(sessionID)
+
+	data, err := m.client.Get(m.ctx, hashed).Bytes()
+	if err == redis.Nil {
+		return nil, ErrSessionNotFound
+	} else if err != nil {
+		logging.Error(err.Error())
+		return nil, ErrSessionBackend
+	}
+
+	var session_data SessionData
+	if err := json.Unmarshal(data, &session_data); err != nil {
+		logging.Error(err.Error())
+		return nil, ErrSessionBackend
+	}
+
+	if time.Now().After(session_data.ExpiresAt) {
+		_ = m.Delete(sessionID)
+		return nil, ErrSessionBackend
+	}
+	return &session_data, nil
+}
+
+func (m *RedisStore) Update(sessionID string, session *SessionData) error {
+	hashedSession := hashSession(sessionID)
+
+	data, err := json.Marshal(*session)
+	if err != nil {
+		return ErrSessionBackend
+	}
+
+	updated, err := m.client.SetXX(m.ctx, hashedSession, data, time.Hour).Result()
+	if err != nil {
+		logging.Error(err.Error())
+		return ErrSessionBackend
+	}
+
+	if !updated {
+		return ErrSessionNotFound
+	}
+	return nil
+}
+
+func (m *RedisStore) Delete(sessionID string) error {
+	hashedSession := hashSession(sessionID)
+	err := m.client.Del(m.ctx, hashedSession).Err()
+	if err != nil {
+		logging.Error(err.Error())
+		return ErrSessionBackend
+	}
+	return nil
+}

src/session/session_store.go

@@ -3,9 +3,9 @@ package session
 import "time"
 
 type SessionData struct {
-	UserID    string
+	UserID    string    `json:"userid"`
-	CSRFToken string
+	CSRFToken string    `json:"csrftoken"`
-	ExpiresAt time.Time
+	ExpiresAt time.Time `json:"expiresat"`
 }
 
 type SessionStore interface {