Skip to content

Commit

Permalink
refactor(session) use pdk and remove BasePlugin inheritance (#9)
Browse files Browse the repository at this point in the history
* refactor(session) use pdk where applicable
  - move session to shared ctx
* feat(session) remove base plugin inheritance
  * move handler properties into table initialization

* style(errors) make messages better
  - uncapitalized and remove "error" keyword

* style(*) remove whitespace

* chore(session) test next branch
* chore(session) bump to major
  • Loading branch information
darrenjennings authored Jun 6, 2019
1 parent dc9c73c commit 9c80f14
Show file tree
Hide file tree
Showing 8 changed files with 64 additions and 68 deletions.
2 changes: 1 addition & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ env:
before_install:
- git clone https://$GITHUB_TOKEN:@github.com/Kong/kong-ci.git
- source kong-ci/setup_env.sh
- git clone https://github.com/Kong/kong.git kong-ce
- git clone -b next https://github.com/Kong/kong.git kong-ce

install:
- luarocks make
Expand Down
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
package = "kong-plugin-session"

version = "1.0.2-3"
version = "2.0.0-1"

supported_platforms = {"linux", "macosx"}

source = {
url = "git://github.com/Kong/kong-plugin-session",
tag = "1.0.2"
tag = "2.0.0"
}

description = {
Expand All @@ -18,7 +18,7 @@ description = {
dependencies = {
"lua >= 5.1",
"lua-resty-session == 2.23",
--"kong >= 0.15",
--"kong >= 1.2.0",
}

build = {
Expand Down
34 changes: 19 additions & 15 deletions kong/plugins/session/access.lua
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
local constants = require "kong.constants"
local session = require "kong.plugins.session.session"
local ngx_set_header = ngx.req.set_header
local log = ngx.log
local kong = kong

local _M = {}
Expand All @@ -17,31 +15,37 @@ end


local function set_consumer(consumer, credential_id)
ngx_set_header(constants.HEADERS.CONSUMER_ID, consumer.id)
ngx_set_header(constants.HEADERS.CONSUMER_CUSTOM_ID, consumer.custom_id)
ngx_set_header(constants.HEADERS.CONSUMER_USERNAME, consumer.username)
ngx.ctx.authenticated_consumer = consumer
local set_header = kong.service.request.set_header

set_header(constants.HEADERS.CONSUMER_ID, consumer.id)
set_header(constants.HEADERS.CONSUMER_CUSTOM_ID, consumer.custom_id)
set_header(constants.HEADERS.CONSUMER_USERNAME, consumer.username)

if credential_id then
ngx.ctx.authenticated_credential = { id = credential_id or consumer.id,
consumer_id = consumer.id }
ngx_set_header(constants.HEADERS.ANONYMOUS, true)
local credential = {id = credential_id or consumer.id, consumer_id = consumer.id}
set_header(constants.HEADERS.ANONYMOUS, true)
kong.client.authenticate(consumer, credential)

return
end

kong.client.authenticate(consumer, nil)
end


function _M.execute(conf)
local s = session.open_session(conf)

if not s.present then
log(ngx.DEBUG, "Session not present")
kong.log.debug("session not present")
return
end

-- check if incoming request is trying to logout
if session.logout(conf) then
log(ngx.DEBUG, "Session logging out")
kong.log.debug("session logging out")
s:destroy()
return ngx.exit(200)
return kong.response.exit(200)
end


Expand All @@ -52,20 +56,20 @@ function _M.execute(conf)
load_consumer, cid)

if err then
ngx.log(ngx.ERR, "Error loading consumer: ", err)
kong.log.err("could not load consumer: ", err)
return
end

-- destroy sessions with invalid consumer_id
if not consumer then
ngx.log(ngx.DEBUG, "No consumer, destroying session")
kong.log.debug("failed to find consumer, destroying session")
return s:destroy()
end

s:start()

set_consumer(consumer, credential)
ngx.ctx.authenticated_session = s
kong.ctx.shared.authenticated_session = s
end


Expand Down
30 changes: 12 additions & 18 deletions kong/plugins/session/handler.lua
Original file line number Diff line number Diff line change
Expand Up @@ -2,32 +2,27 @@ local BasePlugin = require "kong.plugins.base_plugin"
local access = require "kong.plugins.session.access"
local session = require "kong.plugins.session.session"

local kong = kong

-- Grab pluginname from module name
local plugin_name = ({...})[1]:match("^kong%.plugins%.([^%.]+)")
local KongSessionHandler = {
PRIORITY = 1900,
VERSION = "2.0.0",
}

local KongSessionHandler = BasePlugin:extend()

KongSessionHandler.PRIORITY = 1900
KongSessionHandler.VERSION = "1.0.0"

function KongSessionHandler:new()
KongSessionHandler.super.new(self, plugin_name)
end

function KongSessionHandler:header_filter(conf)
KongSessionHandler.super.header_filter(self)
local ctx = ngx.ctx
local credential = kong.client.get_credential()
local consumer = kong.client.get_consumer()

if not ctx.authenticated_credential then
if not credential then
-- don't open sessions for anonymous users
ngx.log(ngx.DEBUG, "Anonymous: No credential.")
kong.log.debug("anonymous: no credential.")
return
end

local credential_id = ctx.authenticated_credential and ctx.authenticated_credential.id
local consumer_id = ctx.authenticated_consumer and ctx.authenticated_consumer.id
local s = ctx.authenticated_session
local credential_id = credential.id
local consumer_id = consumer and consumer.id
local s = kong.ctx.shared.authenticated_session

-- if session exists and the data in the session matches the ctx then
-- don't worry about saving the session data or sending cookie
Expand All @@ -50,7 +45,6 @@ end


function KongSessionHandler:access(conf)
KongSessionHandler.super.access(self)
access.execute(conf)
end

Expand Down
10 changes: 5 additions & 5 deletions kong/plugins/session/session.lua
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
local session = require "resty.session"
local log = ngx.log
local kong = kong

local _M = {}

Expand Down Expand Up @@ -82,7 +82,7 @@ function _M.logout(conf)

local logout_methods = conf.logout_methods
if logout_methods then
local request_method = ngx.var.request_method
local request_method = kong.request.get_method()
for _, logout_method in ipairs(logout_methods) do
if logout_method == request_method then
logout = true
Expand All @@ -94,14 +94,14 @@ function _M.logout(conf)

local logout_query_arg = conf.logout_query_arg
if logout_query_arg then
local uri_args = ngx.req.get_uri_args()
local uri_args = kong.request.get_query()
if uri_args[logout_query_arg] then
logout = true
end
end

if logout then
log(ngx.DEBUG, "logout by query argument")
kong.log.debug("logout by query argument")
else
local logout_post_arg = conf.logout_post_arg
if logout_post_arg then
Expand All @@ -112,7 +112,7 @@ function _M.logout(conf)
end

if logout then
log(ngx.DEBUG, "logout by post argument")
kong.log.debug("logout by post argument")
end
end
end
Expand Down
10 changes: 5 additions & 5 deletions kong/plugins/session/storage/kong.lua
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ function kong_storage:get(sid)
local s, err = kong.cache:get(cache_key, nil, load_session, sid)

if err then
ngx.log(ngx.ERR, "Error finding session:", err)
kong.log.err("could not find session:", err)
end

return s, err
Expand Down Expand Up @@ -91,15 +91,15 @@ function kong_storage:insert_session(sid, data, expires)
}, { ttl = self.lifetime })

if err then
ngx.log(ngx.ERR, "Error inserting session: ", err)
kong.log.err("could not insert session: ", err)
end
end


function kong_storage:update_session(id, params, ttl)
local _, err = self.db.sessions:update({ id = id }, params, { ttl = ttl })
if err then
ngx.log(ngx.ERR, "Error updating session: ", err)
kong.log.err("could not update session: ", err)
end
end

Expand All @@ -120,7 +120,7 @@ function kong_storage:save(id, expires, data, hmac)
return value
end

return nil, "expired"
return nil, "expired"
end


Expand All @@ -136,7 +136,7 @@ function kong_storage:destroy(id)
})

if err then
ngx.log(ngx.ERR, "Error deleting session: ", err)
kong.log.err("could not delete session: ", err)
end
end

Expand Down
8 changes: 4 additions & 4 deletions spec/01-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -116,11 +116,11 @@ for _, strategy in helpers.each_strategy() do
})

assert.response(res).has.status(200)

local cookie = assert.response(res).has.header("Set-Cookie")
local cookie_name = utils.split(cookie, "=")[1]
assert.equal("session", cookie_name)

-- e.g. ["Set-Cookie"] =
-- "da_cookie=m1EL96jlDyQztslA4_6GI20eVuCmsfOtd6Y3lSo4BTY.|15434724
-- 06|U5W4A6VXhvqvBSf4G_v0-Q..|DFJMMSR1HbleOSko25kctHZ44oo.; Path=/
Expand All @@ -147,10 +147,10 @@ for _, strategy in helpers.each_strategy() do
request.headers.apikey = "kong"
res = assert(client:send(request))
assert.response(res).has.status(200)

cookie = assert.response(res).has.header("Set-Cookie")
assert.equal("da_cookie", utils.split(cookie, "=")[1])

local cookie_parts = utils.split(cookie, "; ")
assert.equal("SameSite=Lax", cookie_parts[3])
assert.equal(nil, cookie_parts[4])
Expand Down
32 changes: 15 additions & 17 deletions spec/03-session_spec.lua
Original file line number Diff line number Diff line change
@@ -1,11 +1,15 @@
local helpers = require "spec.helpers"
local session = require "kong.plugins.session.session"
local phases = require "kong.pdk.private.phases"

describe("Plugin: Session - session.lua", function()
local old_ngx

before_each(function()
kong.ctx.core.phase = phases.phases.request

old_ngx = {
var = {},
get_phase = function()end,
req = {
read_body = function()end
},
Expand All @@ -21,10 +25,8 @@ describe("Plugin: Session - session.lua", function()


it("logs out with GET request", function()
ngx.req.get_uri_args = function()
return {["session_logout"] = true}
end
ngx.var.request_method = "GET"
kong.request.get_query = function() return {["session_logout"] = true} end
kong.request.get_method = function() return "GET" end

local conf = {
logout_methods = {"GET", "POST"},
Expand All @@ -39,7 +41,7 @@ describe("Plugin: Session - session.lua", function()
return {["session_logout"] = true}
end
ngx.req.read_body = function() end
ngx.var.request_method = "POST"
kong.request.get_method = function() return "POST" end

local conf = {
logout_methods = {"POST"},
Expand All @@ -54,8 +56,8 @@ describe("Plugin: Session - session.lua", function()
return {["session_logout"] = true}
end
ngx.req.read_body = function() end
ngx.var.request_method = "DELETE"
kong.request.get_method = function() return "DELETE" end

local conf = {
logout_methods = {"DELETE"},
logout_post_arg = "session_logout"
Expand All @@ -65,10 +67,8 @@ describe("Plugin: Session - session.lua", function()
end)

it("logs out with DELETE request with query params", function()
ngx.req.get_uri_args = function()
return {["session_logout"] = true}
end
ngx.var.request_method = "DELETE"
kong.request.get_query = function() return {["session_logout"] = true} end
kong.request.get_method = function() return "DELETE" end

local conf = {
logout_methods = {"DELETE"},
Expand All @@ -79,10 +79,8 @@ describe("Plugin: Session - session.lua", function()
end)

it("does not logout with GET requests when method is not allowed", function()
ngx.req.get_uri_args = function()
return {["session_logout"] = true}
end
ngx.var.request_method = "GET"
kong.request.get_query = function() return {["session_logout"] = true} end
kong.request.get_method = function() return "GET" end

local conf = {
logout_methods = {"DELETE"},
Expand All @@ -96,7 +94,7 @@ describe("Plugin: Session - session.lua", function()
ngx.req.get_post_args = function()
return {["session_logout"] = true}
end
ngx.var.request_method = "POST"
kong.request.get_method = function() return "POST" end

local conf = {
logout_methods = {"DELETE"},
Expand Down

0 comments on commit 9c80f14

Please sign in to comment.