redis sessions

update session info
create redis session
2026-06-07 20:38:35 -04:00 · 2026-06-07 20:36:23 -04:00 · 2026-06-07 20:34:10 -04:00 · 2026-06-07 20:27:42 -04:00 · 2026-06-07 20:17:51 -04:00 · 2026-06-07 20:07:20 -04:00
16 changed files with 365 additions and 66 deletions
@@ -0,0 +1,69 @@
 <!doctype html>
 <html>
    <head>
        <!-- Tell iOS we support light mode -->
        <meta name="color-scheme" content="light" />
        <meta name="supported-color-schemes" content="light" />
    </head>
    <body
        style="margin: 0; padding: 0; background-color: #f7fff7; color: #000000"
    >
        <table
            width="100%"
            cellpadding="0"
            cellspacing="0"
            border="0"
            style="background-color: #f7fff7"
        >
            <tr>
                <td align="center">
                    <!-- Outer container -->
                    <table
                        width="600"
                        cellpadding="0"
                        cellspacing="0"
                        border="0"
                        style="
                            background-color: #ffffff;
                            border: 1px solid #e2e8f0;
                            border-radius: 12px;
                            margin-top: 25px;
                        "
                    >
                        <tr>
                            <td
                                style="
                                    padding: 30px;
                                    font-family: Arial, sans-serif;
                                    color: #000000;
                                "
                            >
                                <p style="margin: 0 0 15px 0">
                                    Hi <strong>{{.Username}}</strong>,
                                </p>
                                <p style="margin: 0 0 15px 0">
                                    Your account password has been successfully
                                    changed. If you made this change, you can
                                    safely disregard this email.
                                </p>
                                <p style="margin: 20px 0 15px 0">
                                    If you did not change your password, please
                                    contact your system administrator
                                    immediately to secure your account.
                                </p>
                                <p style="margin: 0">
                                    Thanks,<br />
                                    <strong>{{.ServiceName}}</strong>
                                </p>
                            </td>
                        </tr>
                    </table>
                </td>
            </tr>
        </table>
    </body>
 </html>
@@ -6,7 +6,10 @@ require github.com/go-ldap/ldap/v3 v3.4.13
 require (
 	github.com/Azure/go-ntlmssp v0.1.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/redis/go-redis/v9 v9.20.0 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	golang.org/x/crypto v0.48.0 // indirect
 )
@@ -2,6 +2,8 @@ github.com/Azure/go-ntlmssp v0.1.0 h1:DjFo6YtWzNqNvQdrwEyr/e4nhU3vRiwenz5QX7sFz+
 github.com/Azure/go-ntlmssp v0.1.0/go.mod h1:NYqdhxd/8aAct/s4qSYZEerdPuH1liG2/X9DiVTbhpk=
 github.com/alexbrainman/sspi v0.0.0-20250919150558-7d374ff0d59e h1:4dAU9FXIyQktpoUAgOJK3OTFc/xug0PCXYCqU0FgDKI=
 github.com/alexbrainman/sspi v0.0.0-20250919150558-7d374ff0d59e/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo=
@@ -30,8 +32,12 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ
 github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/redis/go-redis/v9 v9.20.0 h1:WnQYxLkgO2xiXTCJY0ldIiI8dNqCDlQAG+AtaH7a2a0=
 github.com/redis/go-redis/v9 v9.20.0/go.mod h1:v/M13XI1PVCDcm01VtPFOADfZtHf8YW3baQf57KlIkA=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
 golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
@@ -51,5 +51,7 @@ func (account *EmailAccount) SendEmail(toEmails []string, subject string, messag
 	if err != nil {
 		logging.Error("Failed to send email")
 		logging.Error(err.Error())
 		return
 	}
 	logging.Info("Successfully sent email")
 }
@@ -0,0 +1,58 @@
 package main
 import (
 	"html/template"
 	"net/http"
 	"strings"
 	"astraltech.xyz/accountmanager/src/logging"
 )
 type LoginPageData struct {
 	IsHiddenClassList string
 }
 func loginHandler(w http.ResponseWriter, r *http.Request) {
 	logging.Info("Handing login page")
 	w.Header().Set("Content-Type", "text/html; charset=utf-8")
 	tmpl := template.Must(template.ParseFiles("src/pages/login_page.html"))
 	if r.Method == http.MethodGet {
 		logging.Info("Rending login page")
 		tmpl.Execute(w, LoginPageData{IsHiddenClassList: "hidden"})
 		return
 	}
 	if r.Method == http.MethodPost {
 		username := r.FormValue("username")
 		if strings.Contains(username, "/") {
 			tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 		}
 		password := r.FormValue("password")
 		logging.Infof("New Login request for %s\n", username)
 		newUserData, err := authenticateUser(username, password)
 		userDataMutex.Lock()
 		userData[username] = newUserData
 		userDataMutex.Unlock()
 		if err == ErrPasswordExpired {
 			http.Redirect(w, r, "/reset-password?token=this_is_the_only_token_that_works", http.StatusFound)
 		} else if err != nil {
 			logging.Error(err.Error())
 			tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 		} else {
 			if newUserData.isAuth == true {
 				cookie, err := sessionManager.CreateSession(username)
 				if err != nil {
 					logging.Error(err.Error())
 					http.Error(w, "Session error", http.StatusInternalServerError)
 					return
 				}
 				http.SetCookie(w, cookie)
 				http.Redirect(w, r, "/profile", http.StatusFound)
 			} else {
 				tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 			}
 		}
 	}
 }
@@ -1,6 +1,7 @@
 package main
 import (
 	"errors"
 	"fmt"
 	"html/template"
 	"log"
@@ -34,6 +35,8 @@ var (
 	userDataMutex sync.RWMutex
 )
 var ErrPasswordExpired = errors.New("Password expired")
 func authenticateUser(username, password string) (*UserData, error) {
 	logging.Event(logging.AuthenticateUser, username)
 	userDN := fmt.Sprintf("uid=%s,cn=users,cn=accounts,%s", username, serverConfig.LDAPConfig.BaseDN)
@@ -41,7 +44,7 @@ func authenticateUser(username, password string) (*UserData, error) {
 	connected, err := ldapServer.AuthenticateUser(userDN, password)
 	if err != nil {
 		if strings.Contains(err.Error(), "Password is expired") {
-			return nil, fmt.Errorf("Password expired for %s\n", username)
+			return nil, ErrPasswordExpired
 		}
 		return nil, err
 	}
@@ -75,53 +78,6 @@ func authenticateUser(username, password string) (*UserData, error) {
 	return &user, nil
 }
 type LoginPageData struct {
 	IsHiddenClassList string
 }
 func loginHandler(w http.ResponseWriter, r *http.Request) {
 	logging.Info("Handing login page")
 	w.Header().Set("Content-Type", "text/html; charset=utf-8")
 	tmpl := template.Must(template.ParseFiles("src/pages/login_page.html"))
 	if r.Method == http.MethodGet {
 		logging.Info("Rending login page")
 		tmpl.Execute(w, LoginPageData{IsHiddenClassList: "hidden"})
 		return
 	}
 	if r.Method == http.MethodPost {
 		username := r.FormValue("username")
 		if strings.Contains(username, "/") {
 			tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 		}
 		password := r.FormValue("password")
 		logging.Infof("New Login request for %s\n", username)
 		newUserData, err := authenticateUser(username, password)
 		userDataMutex.Lock()
 		userData[username] = newUserData
 		userDataMutex.Unlock()
 		if err != nil {
 			logging.Error(err.Error())
 			tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 		} else {
 			if newUserData.isAuth == true {
 				cookie, err := sessionManager.CreateSession(username)
 				if err != nil {
 					logging.Error(err.Error())
 					http.Error(w, "Session error", http.StatusInternalServerError)
 					return
 				}
 				http.SetCookie(w, cookie)
 				http.Redirect(w, r, "/profile", http.StatusFound)
 			} else {
 				tmpl.Execute(w, LoginPageData{IsHiddenClassList: ""})
 			}
 		}
 	}
 }
 type ProfileData struct {
 	Username    string
 	Email       string
@@ -241,12 +197,23 @@ func changePasswordHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 	w.Write([]byte(`{"success": true}`))
 	data := map[string]any{
 		"Username":    userData[sessionData.UserID].DisplayName,
 		"ServiceName": "Astral Tech",
 	}
 	email_template, err := email.RenderTemplate("./data/email-templates/changed-password.html", data, nil)
 	if err != nil {
 		logging.Errorf("Failed to load email template: %s", err.Error())
 	}
 	noReplyEmail.SendEmail([]string{userData[sessionData.UserID].Email}, "Password expired", email_template)
 }
 func main() {
 	logging.Info("Starting the server")
 	sessionManager = session.GetSessionManager()
-	sessionManager.SetStoreType(session.InMemory)
+	sessionManager.SetStoreType(session.Redis)
 	var err error
 	serverConfig, err = loadServerConfig("./data/config.json")
@@ -288,6 +255,7 @@ func main() {
 	helpers.HandleFunc("/login", loginHandler)
 	helpers.HandleFunc("/profile", profileHandler)
 	helpers.HandleFunc("/logout", logoutHandler)
 	helpers.HandleFunc("/reset-password", resetPasswordHandler)
 	helpers.HandleFunc("/avatar", components.AvatarHandler)
 	helpers.HandleFunc("/change-photo", components.UploadPhotoHandler)
@@ -0,0 +1,21 @@
 package main
 import (
 	"html/template"
 	"net/http"
 	"astraltech.xyz/accountmanager/src/logging"
 )
 func resetPasswordHandler(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "text/html; charset=utf-8")
 	token := r.URL.Query().Get("token")
 	logging.Infof("Token: %s\n", token)
 	tmpl := template.Must(template.ParseFiles("src/pages/reset_password.html"))
 	if r.Method == http.MethodGet {
 		tmpl.Execute(w, nil)
 		return
 	}
 }
@@ -0,0 +1,44 @@
 <!doctype html>
 <title>Astral Tech - Reset Password</title>
 <link
    href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap"
    rel="stylesheet"
 />
 <link rel="stylesheet" href="static/style.css" />
 <link rel="stylesheet" href="static/error/error.css" />
 <link rel="stylesheet" href="static/card.css" />
 <link rel="stylesheet" href="static/reset_password.css" />
 <img id="logo_image" alt="logo" src="/logo" />
 <div id="reset_password_card" class="card static_center">
    <div>
        <div>
            Welcome
            <b>{{.Name}}</b>
        </div>
        <div class="subtext">
            Your password needs to be reset, please enter your new password
            below
        </div>
    </div>
    <div>
        <label class="input_label">New password</label><br />
        <div class="password_box">
            <input type="password" name="password" placeholder="" required />
            <button type="button" class="show_password_toggle closed"></button>
        </div>
    </div>
    <div>
        <label class="input_label">New password (repeated)</label><br />
        <div class="password_box">
            <input type="password" name="password" placeholder="" required />
            <button type="button" class="show_password_toggle closed"></button>
        </div>
    </div>
    <button>Reset Password</button>
 </div>
@@ -5,3 +5,4 @@ import "errors"
 var ErrSessionNotFound = errors.New("session not found")
 var ErrSessionAlreadyExists = errors.New("session already exists")
 var ErrSessionExpired = errors.New("session expired")
 var ErrSessionBackend = errors.New("session backend")
@@ -21,6 +21,7 @@ type StoreType int
 const (
 	InMemory StoreType = iota
 	Redis
 )
 func GetSessionManager() *SessionManager {
@@ -38,6 +39,11 @@ func (manager *SessionManager) SetStoreType(storeType StoreType) {
 			manager.store = NewMemoryStore()
 			break
 		}
 	case Redis:
 		{
 			manager.store = NewRedisStore()
 			break
 		}
 	}
 }
@@ -0,0 +1,117 @@
 package session
 import (
 	"context"
 	"encoding/json"
 	"time"
 	"astraltech.xyz/accountmanager/src/logging"
 	"github.com/redis/go-redis/v9"
 )
 type RedisStore struct {
 	client *redis.Client
 	ctx    context.Context
 }
 func NewRedisStore() *RedisStore {
 	logging.Debug("Creating new redis session store")
 	// this will be replaced with a URL that can be parsed in the config file
 	redis_server := "redis://localhost:6379/0"
 	opts, err := redis.ParseURL(redis_server)
 	if err != nil {
 		logging.Errorf("Failed to parse redis url %s", err.Error())
 	}
 	rdb := redis.NewClient(opts)
 	ctx := context.Background()
 	if err := rdb.Ping(ctx).Err(); err != nil {
 		logging.Errorf("Failed to connect to redis server %s", redis_server)
 	} else {
 		logging.Infof("Successfully connected to redis server %s", redis_server)
 	}
 	store := &RedisStore{
 		client: rdb,
 		ctx:    ctx,
 	}
 	return store
 }
 // 	return rdb.Set(ctx, key, data, 0).Err()
 func (m *RedisStore) Create(sessionID string, session *SessionData) (err error) {
 	hashedSession := hashSession(sessionID)
 	data, err := json.Marshal(*session)
 	if err != nil {
 		return ErrSessionBackend
 	}
 	created, err := m.client.SetNX(m.ctx, hashedSession, data, time.Hour).Result()
 	if err != nil {
 		logging.Error(err.Error())
 		return ErrSessionBackend
 	}
 	if !created {
 		return ErrSessionAlreadyExists
 	}
 	return nil
 }
 func (m *RedisStore) Get(sessionID string) (*SessionData, error) {
 	hashed := hashSession(sessionID)
 	data, err := m.client.Get(m.ctx, hashed).Bytes()
 	if err == redis.Nil {
 		return nil, ErrSessionNotFound
 	} else if err != nil {
 		logging.Error(err.Error())
 		return nil, ErrSessionBackend
 	}
 	var session_data SessionData
 	if err := json.Unmarshal(data, &session_data); err != nil {
 		logging.Error(err.Error())
 		return nil, ErrSessionBackend
 	}
 	if time.Now().After(session_data.ExpiresAt) {
 		_ = m.Delete(sessionID)
 		return nil, ErrSessionBackend
 	}
 	return &session_data, nil
 }
 func (m *RedisStore) Update(sessionID string, session *SessionData) error {
 	hashedSession := hashSession(sessionID)
 	data, err := json.Marshal(*session)
 	if err != nil {
 		return ErrSessionBackend
 	}
 	updated, err := m.client.SetXX(m.ctx, hashedSession, data, time.Hour).Result()
 	if err != nil {
 		logging.Error(err.Error())
 		return ErrSessionBackend
 	}
 	if !updated {
 		return ErrSessionNotFound
 	}
 	return nil
 }
 func (m *RedisStore) Delete(sessionID string) error {
 	hashedSession := hashSession(sessionID)
 	err := m.client.Del(m.ctx, hashedSession).Err()
 	if err != nil {
 		logging.Error(err.Error())
 		return ErrSessionBackend
 	}
 	return nil
 }
@@ -3,9 +3,9 @@ package session
 import "time"
 type SessionData struct {
-	UserID    string
+	UserID    string    `json:"userid"`
-	CSRFToken string
+	CSRFToken string    `json:"csrftoken"`
-	ExpiresAt time.Time
+	ExpiresAt time.Time `json:"expiresat"`
 }
 type SessionStore interface {
@@ -1,10 +1,3 @@
 #logo_image {
    position: fixed;
    width: 300px;
    left: 50%;
    transform: translateX(-50%);
 }
 #login_card {
    position: fixed;
    top: 50%;
@@ -1,10 +1,3 @@
 #logo_image {
    position: fixed;
    width: 300px;
    left: 50%;
    transform: translateX(-50%);
 }
 #main_content {
    position: fixed;
    top: 100px;
@@ -0,0 +1,7 @@
 #reset_password_card {
    width: 350px;
 }
 #reset_password_card input {
    width: 324px;
 }
@@ -129,3 +129,14 @@ input::placeholder {
 .show_password_toggle:focus {
    outline: none !important;
 }
 #logo_image {
    position: fixed;
    width: 300px;
    left: 50%;
    transform: translateX(-50%);
 }
 .subtext {
    color: var(--text-muted);
 }
Author	SHA1	Message	Date
Gregory Wells	a7b302b74b	redis sessions	2026-06-07 20:38:35 -04:00
Gregory Wells	f8b37d9836	update session info	2026-06-07 20:36:23 -04:00
Gregory Wells	4256e5ba8a	create redis session	2026-06-07 20:34:10 -04:00
Gregory Wells	5386b64648	finish session getting code	2026-06-07 20:27:42 -04:00
Gregory Wells	78d259ea3b	fix crash on load from nil session info	2026-06-07 20:17:51 -04:00
Gregory Wells	1e87b8239b	connect to redis session	2026-06-07 20:07:20 -04:00
Gregory Wells	e1862ca8eb	allow redis to be selected as session store type	2026-06-07 20:02:12 -04:00
Gregory Wells	9c984fefaf	create redis session go file	2026-06-07 19:58:59 -04:00
Gregory Wells	10900093e0	log that email has sent successfully	2026-06-02 11:44:35 -04:00
Gregory Wells	e151e11123	send email on successful password change	2026-06-02 11:44:17 -04:00
gawells	1ddc4daf02	bold name text	2026-04-17 08:32:53 -04:00
gawells	e2fe714029	reset password page design	2026-04-16 14:53:02 -04:00
gawells	3e2541b411	add subtext modifier	2026-04-16 14:52:55 -04:00
gawells	561c33b1a9	move logo page to the master style.css file	2026-04-16 14:44:34 -04:00
gawells	33afca200d	reset password page	2026-04-16 14:42:40 -04:00