stale sessions not deleting

final cleanups
Finish logging
2026-03-25 14:05:27 -04:00 · 2026-03-25 14:02:53 -04:00 · 2026-03-25 14:01:46 -04:00 · 2026-03-25 13:55:37 -04:00 · 2026-03-25 10:20:20 -04:00 · 2026-03-25 09:40:50 -04:00
5 changed files with 127 additions and 39 deletions
--- a/src/logging/logging.go
+++ b/src/logging/logging.go
@@ -1,7 +1,6 @@
 package logging
 import (
 	"fmt"
 	"log"
 )
@@ -9,54 +8,113 @@ type EventType int
 const (
 	ReadFile EventType = iota
 	AuthenticateUser
 )
 type LogLevel int
 const (
 	InfoLevel LogLevel = iota
 	EventLevel
 	DebugLevel
 	WarnLevel
 	ErrorLevel
 	FatalLevel
 )
 var (
 	currentLevel LogLevel = InfoLevel
 )
 func Info(message string) {
 	if currentLevel > InfoLevel {
 		return
 	}
 	log.Printf("Info: %s", message)
 }
 func Infof(message string, v ...any) {
-	log.Printf("Info: %s", fmt.Sprintf(message, v...))
+	if currentLevel > InfoLevel {
 		return
 	}
 	log.Printf("Info: "+message, v...)
 }
 func Debug(message string) {
 	if currentLevel > DebugLevel {
 		return
 	}
 	log.Printf("Debug: %s", message)
 }
 func Debugf(message string, v ...any) {
-	log.Printf("Debug: %s", fmt.Sprintf(message, v...))
+	if currentLevel > DebugLevel {
 		return
 	}
 	log.Printf("Debug: "+message, v...)
 }
 func Warn(message string) {
 	if currentLevel > WarnLevel {
 		return
 	}
 	log.Printf("Warn: %s", message)
 }
 func Warnf(message string, v ...any) {
-	log.Printf("Warn: %s", fmt.Sprintf(message, v...))
+	if currentLevel > WarnLevel {
 		return
 	}
 	log.Printf("Warn: "+message, v...)
 }
 func Error(message string) {
 	if currentLevel > ErrorLevel {
 		return
 	}
 	log.Printf("Error: %s", message)
 }
 func Errorf(message string, v ...any) {
-	log.Printf("Error: %s", fmt.Sprintf(message, v...))
+	if currentLevel > ErrorLevel {
 		return
 	}
 	log.Printf("Error: "+message, v...)
 }
 func Fatal(message string) {
 	if currentLevel > FatalLevel {
 		return
 	}
 	log.Fatal(message)
 }
 func Fatalf(message string, v ...any) {
 	if currentLevel > FatalLevel {
 		return
 	}
 	log.Fatalf(message, v...)
 }
 func Event(eventType EventType, eventData ...any) {
 	if currentLevel > EventLevel {
 		return
 	}
 	switch eventType {
 	case ReadFile:
 		{
 			log.Printf("Reading file %s", eventData[0])
 			break
 		}
 	case AuthenticateUser:
 		{
 			log.Printf("Authenticating user %s", eventData[0])
 			break
 		}
 	}
 }
 func SetLogLovel(level LogLevel) {
 	currentLevel = level
 }
--- a/src/main/email.go
+++ b/src/main/email.go
@@ -1,9 +1,11 @@
 package main
 import (
 	"log"
 	"net/smtp"
 	"strconv"
 	"strings"
 	"astraltech.xyz/accountmanager/src/logging"
 )
 type EmailAccount struct {
@@ -20,6 +22,7 @@ type EmailAccountData struct {
 }
 func createEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort int) EmailAccount {
 	logging.Debugf("Creating Email Account: \n\tUsername: %s\n\tEmail: %s\n\tSMTP Host: %s:%d", accountData.username, accountData.email, smtpHost, smtpPort)
 	account := EmailAccount{
 		email:    accountData.email,
 		smtpHost: smtpHost,
@@ -30,13 +33,9 @@ func createEmailAccount(accountData EmailAccountData, smtpHost string, smtpPort
 }
 func sendEmail(account EmailAccount, toEmail []string, subject string, message string) {
-	ToEmailList := ""
+	logging.Debugf("Sending an email from %s to %s", account.email, strings.Join(toEmail, ""))
-	for i := 0; i < len(toEmail); i++ {
+
-		ToEmailList += toEmail[i]
+	ToEmailList := strings.Join(toEmail, "")
 		if i+1 < len(toEmail) {
 			ToEmailList += ", "
 		}
 	}
 	messageData := []byte(
 		"From: " + account.email + "\r\n" +
@@ -47,6 +46,7 @@ func sendEmail(account EmailAccount, toEmail []string, subject string, message s
 	)
 	err := smtp.SendMail(account.smtpHost+":"+account.smtpPort, account.auth, account.email, toEmail, messageData)
 	if err != nil {
-		log.Print(err)
+		logging.Error("Failed to send email")
 		logging.Error(err.Error())
 	}
 }
--- a/src/main/ldap.go
+++ b/src/main/ldap.go
@@ -2,8 +2,8 @@ package main
 import (
 	"crypto/tls"
-	"errors"
+	"fmt"
-	"log"
+	"strings"
 	"astraltech.xyz/accountmanager/src/logging"
 	"github.com/go-ldap/ldap/v3"
@@ -46,41 +46,55 @@ func connectToLDAPServer(URL string, starttls bool, ignore_cert bool) *LDAPServe
 	}
 }
-func reconnectToLDAPServer(server *LDAPServer) {
+func reconnectToLDAPServer(server *LDAPServer) error {
 	logging.Debugf("Reconnecting to %s LDAP server", server.URL)
 	if server == nil {
-		log.Println("Cannot reconnect: server is nil")
+		logging.Errorf("Cannot reconnect: server is nil")
-		return
+		return fmt.Errorf("Server is nil")
 	}
 	l, err := ldap.DialURL(server.URL)
 	if err != nil {
-		log.Print(err)
+		logging.Errorf("Failed to connect to LDAP server (has server gone down)")
-		return
+		return err
 	}
 	if server.StartTLS {
 		logging.Debugf("StartTLS enabling")
 		if err := l.StartTLS(&tls.Config{InsecureSkipVerify: server.IgnoreInsecureCert}); err != nil {
-			log.Println("StartTLS failed:", err)
+			logging.Error("StartTLS failed")
 			return err
 		}
 		logging.Debugf("Successfully Started TLS")
 	}
 	server.Connection = l
 	return nil
 }
 func connectAsLDAPUser(server *LDAPServer, bindDN, password string) error {
 	logging.Debugf("Connecting to %s LDAP server with %s BindDN", server.URL, bindDN)
 	if server == nil {
-		return errors.New("LDAP server is nil")
+		logging.Errorf("Failed to connect as user, LDAP server is NULL")
 		return fmt.Errorf("LDAP server is null")
 	}
 	// Reconnect if needed
 	if server.Connection == nil || server.Connection.IsClosing() {
-		reconnectToLDAPServer(server)
+		err := reconnectToLDAPServer(server)
 		return err
 	}
-	return server.Connection.Bind(bindDN, password)
+	err := server.Connection.Bind(bindDN, password)
 	if err != nil {
 		logging.Errorf("Failed to bind to LDAP as user %s", err.Error())
 		return err
 	}
 	return nil
 }
 func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, attributes []string) LDAPSearch {
 	logging.Debugf("Searching %s LDAP server\n\tBase DN: %s\n\tSearch Filter %s\n\tAttributes: %s", server.URL, baseDN, searchFilter, strings.Join(attributes, ","))
 	if server == nil {
 		logging.Errorf("Server is nil, failed to search LDAP server")
 		return LDAPSearch{false, nil}
 	}
@@ -100,6 +114,7 @@ func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, at
 	sr, err := server.Connection.Search(searchRequest)
 	if err != nil {
 		logging.Errorf("Failed to search LDAP server %s\n", err.Error())
 		return LDAPSearch{false, nil}
 	}
@@ -107,10 +122,12 @@ func searchLDAPServer(server *LDAPServer, baseDN string, searchFilter string, at
 }
 func modifyLDAPAttribute(server *LDAPServer, userDN string, attribute string, data []string) error {
 	logging.Infof("Modifing LDAP attribute %s", attribute)
 	modify := ldap.NewModifyRequest(userDN, nil)
 	modify.Replace(attribute, data)
 	err := server.Connection.Modify(modify)
 	if err != nil {
 		logging.Errorf("Failed to modify %s", err.Error())
 		return err
 	}
 	return nil
--- a/src/main/main.go
+++ b/src/main/main.go
@@ -57,6 +57,7 @@ func createUserPhoto(username string, photoData []byte) error {
 }
 func authenticateUser(username, password string) (UserData, error) {
 	logging.Event(logging.AuthenticateUser, username)
 	ldapServerMutex.Lock()
 	defer ldapServerMutex.Unlock()
 	if ldapServer.Connection == nil {
@@ -191,7 +192,6 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
 	connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword)
 	if connected != nil {
 		w.Write(blankPhotoData)
 		fmt.Println("Returned blank avatar because couldnt connect as user")
 		return
 	}
@@ -203,13 +203,11 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
 	)
 	if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 {
 		w.Write(blankPhotoData)
 		fmt.Println("Returned blank avatar because we couldnt find the user")
 		return
 	}
 	entry := userSearch.LDAPSearch.Entries[0]
 	bytes := entry.GetRawAttributeValue("jpegphoto")
 	if len(bytes) == 0 {
 		fmt.Println("Returned blank avatar because we just don't have an avatar")
 		w.Write(blankPhotoData)
 		return
 	} else {
@@ -230,14 +228,13 @@ func logoutHandler(w http.ResponseWriter, r *http.Request) {
 	if exist {
 		if r.FormValue("csrf_token") != sessionData.CSRFToken {
 			http.Error(w, "Unable to log user out", http.StatusForbidden)
-			log.Printf("%s attempted to logout with invalid csrf token", sessionData.data.Username)
+			logging.Debugf("%s attempted to logout with invalid csrf token", sessionData.data.Username)
 			return
 		}
 	}
 	logging.Infof("handling logout event for %s", sessionData.data.Username)
-	sessionMutex.Lock()
+	deleteSession(token)
 	delete(sessions, token)
 	sessionMutex.Unlock()
 	http.Redirect(w, r, "/login", http.StatusSeeOther)
 }
@@ -293,9 +290,9 @@ func logoHandler(w http.ResponseWriter, r *http.Request) {
 }
 func cleanupSessions() {
-	sessionMutex.Lock()
+	logging.Debug("Cleaning up stale session\n")
 	defer sessionMutex.Unlock()
 	sessionMutex.Lock()
 	sessions_to_delete := []string{}
 	for session_token, session_data := range sessions {
 		timeUntilRemoval := time.Minute * 5
@@ -306,8 +303,9 @@ func cleanupSessions() {
 			sessions_to_delete = append(sessions_to_delete, session_token)
 		}
 	}
 	sessionMutex.Unlock()
 	for _, session_id := range sessions_to_delete {
-		delete(sessions, session_id)
+		deleteSession(session_id)
 	}
 }
--- a/src/main/session.go
+++ b/src/main/session.go
@@ -4,10 +4,11 @@ import (
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/base64"
 	"log"
 	"net/http"
 	"sync"
 	"time"
 	"astraltech.xyz/accountmanager/src/logging"
 )
 type SessionData struct {
@@ -33,14 +34,15 @@ func GenerateSessionToken(length int) (string, error) {
 }
 func createSession(userData *UserData) *http.Cookie {
 	logging.Debugf("Creating a new session for %s", userData.Username)
 	token, err := GenerateSessionToken(32) // Use crypto/rand for this
 	if err != nil {
-		log.Print(err)
+		logging.Error(err.Error())
 		return nil
 	}
 	CSRFToken, err := GenerateSessionToken(32)
 	if err != nil {
-		log.Print(err)
+		logging.Error(err.Error())
 		return nil
 	}
@@ -72,8 +74,10 @@ func createSession(userData *UserData) *http.Cookie {
 }
 func validateSession(r *http.Request) (bool, *SessionData) {
 	logging.Debugf("Validating session")
 	cookie, err := r.Cookie("session_token")
 	if err != nil {
 		logging.Error(err.Error())
 		return false, &SessionData{}
 	}
 	token := cookie.Value
@@ -87,5 +91,16 @@ func validateSession(r *http.Request) (bool, *SessionData) {
 	if !exists || !sessionData.loggedIn {
 		return false, &SessionData{}
 	}
 	logging.Infof("Validated session for %s", sessionData.data.Username)
 	return true, &sessionData
 }
 func deleteSession(session_id string) {
 	sessionMutex.Lock()
 	tokenEncoded := sha256.Sum256([]byte(session_id))
 	tokenEncodedString := string(tokenEncoded[:])
 	delete(sessions, tokenEncodedString)
 	sessionMutex.Unlock()
 }
Author	SHA1	Message	Date
Gregory Wells	074b3f8f31	stale sessions not deleting	2026-03-25 14:05:27 -04:00
Gregory Wells	f8b3c10933	final cleanups	2026-03-25 14:02:53 -04:00
Gregory Wells	c11425dde7	Finish logging	2026-03-25 14:01:46 -04:00
Gregory Wells	bcaa023d3c	add log levels in to logger	2026-03-25 13:55:37 -04:00
Gregory Wells	f491c80fa0	fixed a bug that stopped sessions from being deleted	2026-03-25 10:20:20 -04:00
Gregory Wells	ffb4077f24	debugging session	2026-03-25 09:40:50 -04:00
Gregory Wells	8adca50b91	Logging for LDAP server	2026-03-24 20:26:22 -04:00
Gregory Wells	8928b3c1fc	Debug email class (even though no used)	2026-03-24 20:11:52 -04:00