github.com/dbernstein1/tyk@v2.9.0-beta9-dl-apic+incompatible/user/session.go (about) 1 package user 2 3 import ( 4 "crypto/md5" 5 "fmt" 6 "time" 7 8 "github.com/TykTechnologies/tyk/config" 9 logger "github.com/TykTechnologies/tyk/log" 10 ) 11 12 var log = logger.Get() 13 14 type HashType string 15 16 const ( 17 HashPlainText HashType = "" 18 HashBCrypt HashType = "bcrypt" 19 ) 20 21 // AccessSpecs define what URLS a user has access to an what methods are enabled 22 type AccessSpec struct { 23 URL string `json:"url" msg:"url"` 24 Methods []string `json:"methods" msg:"methods"` 25 } 26 27 // APILimit stores quota and rate limit on ACL level (per API) 28 type APILimit struct { 29 Rate float64 `json:"rate" msg:"rate"` 30 Per float64 `json:"per" msg:"per"` 31 ThrottleInterval float64 `json:"throttle_interval" msg:"throttle_interval"` 32 ThrottleRetryLimit int `json:"throttle_retry_limit" msg:"throttle_retry_limit"` 33 QuotaMax int64 `json:"quota_max" msg:"quota_max"` 34 QuotaRenews int64 `json:"quota_renews" msg:"quota_renews"` 35 QuotaRemaining int64 `json:"quota_remaining" msg:"quota_remaining"` 36 QuotaRenewalRate int64 `json:"quota_renewal_rate" msg:"quota_renewal_rate"` 37 SetByPolicy bool `json:"set_by_policy" msg:"set_by_policy"` 38 } 39 40 // AccessDefinition defines which versions of an API a key has access to 41 type AccessDefinition struct { 42 APIName string `json:"api_name" msg:"api_name"` 43 APIID string `json:"api_id" msg:"api_id"` 44 Versions []string `json:"versions" msg:"versions"` 45 AllowedURLs []AccessSpec `bson:"allowed_urls" json:"allowed_urls" msg:"allowed_urls"` // mapped string MUST be a valid regex 46 Limit *APILimit `json:"limit" msg:"limit"` 47 } 48 49 // SessionState objects represent a current API session, mainly used for rate limiting. 50 // There's a data structure that's based on this and it's used for Protocol Buffer support, make sure to update "coprocess/proto/coprocess_session_state.proto" and generate the bindings using: cd coprocess/proto && ./update_bindings.sh 51 // 52 // swagger:model 53 type SessionState struct { 54 LastCheck int64 `json:"last_check" msg:"last_check"` 55 Allowance float64 `json:"allowance" msg:"allowance"` 56 Rate float64 `json:"rate" msg:"rate"` 57 Per float64 `json:"per" msg:"per"` 58 ThrottleInterval float64 `json:"throttle_interval" msg:"throttle_interval"` 59 ThrottleRetryLimit int `json:"throttle_retry_limit" msg:"throttle_retry_limit"` 60 DateCreated time.Time `json:"date_created" msg:"date_created"` 61 Expires int64 `json:"expires" msg:"expires"` 62 QuotaMax int64 `json:"quota_max" msg:"quota_max"` 63 QuotaRenews int64 `json:"quota_renews" msg:"quota_renews"` 64 QuotaRemaining int64 `json:"quota_remaining" msg:"quota_remaining"` 65 QuotaRenewalRate int64 `json:"quota_renewal_rate" msg:"quota_renewal_rate"` 66 AccessRights map[string]AccessDefinition `json:"access_rights" msg:"access_rights"` 67 OrgID string `json:"org_id" msg:"org_id"` 68 OauthClientID string `json:"oauth_client_id" msg:"oauth_client_id"` 69 OauthKeys map[string]string `json:"oauth_keys" msg:"oauth_keys"` 70 Certificate string `json:"certificate" msg:"certificate"` 71 BasicAuthData struct { 72 Password string `json:"password" msg:"password"` 73 Hash HashType `json:"hash_type" msg:"hash_type"` 74 } `json:"basic_auth_data" msg:"basic_auth_data"` 75 JWTData struct { 76 Secret string `json:"secret" msg:"secret"` 77 } `json:"jwt_data" msg:"jwt_data"` 78 HMACEnabled bool `json:"hmac_enabled" msg:"hmac_enabled"` 79 HmacSecret string `json:"hmac_string" msg:"hmac_string"` 80 IsInactive bool `json:"is_inactive" msg:"is_inactive"` 81 ApplyPolicyID string `json:"apply_policy_id" msg:"apply_policy_id"` 82 ApplyPolicies []string `json:"apply_policies" msg:"apply_policies"` 83 DataExpires int64 `json:"data_expires" msg:"data_expires"` 84 Monitor struct { 85 TriggerLimits []float64 `json:"trigger_limits" msg:"trigger_limits"` 86 } `json:"monitor" msg:"monitor"` 87 EnableDetailedRecording bool `json:"enable_detail_recording" msg:"enable_detail_recording"` 88 MetaData map[string]interface{} `json:"meta_data" msg:"meta_data"` 89 Tags []string `json:"tags" msg:"tags"` 90 Alias string `json:"alias" msg:"alias"` 91 LastUpdated string `json:"last_updated" msg:"last_updated"` 92 IdExtractorDeadline int64 `json:"id_extractor_deadline" msg:"id_extractor_deadline"` 93 SessionLifetime int64 `bson:"session_lifetime" json:"session_lifetime"` 94 95 // Used to store token hash 96 keyHash string 97 } 98 99 func (s *SessionState) MD5Hash() string { 100 return fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("%+v", s)))) 101 } 102 103 func (s *SessionState) KeyHash() string { 104 if s.keyHash == "" { 105 panic("KeyHash cache not found. You should call `SetKeyHash` before.") 106 } 107 108 return s.keyHash 109 } 110 111 func (s *SessionState) SetKeyHash(hash string) { 112 s.keyHash = hash 113 } 114 115 func (s *SessionState) KeyHashEmpty() bool { 116 return s.keyHash == "" 117 } 118 119 func (s *SessionState) Lifetime(fallback int64) int64 { 120 if config.Global().ForceGlobalSessionLifetime { 121 return config.Global().GlobalSessionLifetime 122 } 123 if s.SessionLifetime > 0 { 124 return s.SessionLifetime 125 } 126 if fallback > 0 { 127 return fallback 128 } 129 return 0 130 } 131 132 // PolicyIDs returns the IDs of all the policies applied to this 133 // session. For backwards compatibility reasons, this falls back to 134 // ApplyPolicyID if ApplyPolicies is empty. 135 func (s *SessionState) PolicyIDs() []string { 136 if len(s.ApplyPolicies) > 0 { 137 return s.ApplyPolicies 138 } 139 if s.ApplyPolicyID != "" { 140 return []string{s.ApplyPolicyID} 141 } 142 return nil 143 } 144 145 func (s *SessionState) SetPolicies(ids ...string) { 146 s.ApplyPolicyID = "" 147 s.ApplyPolicies = ids 148 } 149 150 // GetQuotaLimitByAPIID return quota max, quota remaining, quota renewal rate and quota renews for the given session 151 func (s *SessionState) GetQuotaLimitByAPIID(apiID string) (int64, int64, int64, int64) { 152 if access, ok := s.AccessRights[apiID]; ok && access.Limit != nil { 153 return access.Limit.QuotaMax, 154 access.Limit.QuotaRemaining, 155 access.Limit.QuotaRenewalRate, 156 access.Limit.QuotaRenews 157 } 158 159 return s.QuotaMax, s.QuotaRemaining, s.QuotaRenewalRate, s.QuotaRenews 160 }