From 43d7fc0b4110ebf27c2847fc2660916da60629e9 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 29 Dec 2015 04:04:07 +0100 Subject: improved session id generation with less deps diff --git a/session_store.go b/session_store.go index b7ea3d9..5025d8c 100644 --- a/session_store.go +++ b/session_store.go @@ -25,11 +25,10 @@ package rhimport import ( - "encoding/base32" + "crypto/rand" + "encoding/base64" "fmt" - "github.com/satori/go.uuid" "net/http" - "strings" ) type newSessionResponse struct { @@ -76,6 +75,14 @@ type SessionStore struct { removeChan chan removeSessionRequest } +func generateSessionId() (string, error) { + var b [32]byte + if _, err := rand.Read(b[:]); err != nil { + return "", err + } + return base64.RawStdEncoding.EncodeToString(b[:]), nil +} + func (self *SessionStore) new(ctx *ImportContext) (resp newSessionResponse) { resp.responsecode = http.StatusOK resp.errorstring = "OK" @@ -90,14 +97,18 @@ func (self *SessionStore) new(ctx *ImportContext) (resp newSessionResponse) { return } } - b := uuid.NewV4().Bytes() - resp.id = strings.ToLower(strings.TrimRight(base32.StdEncoding.EncodeToString(b), "=")) - if _, exists := self.store[ctx.UserName]; !exists { - self.store[ctx.UserName] = make(map[string]*Session) + if id, err := generateSessionId(); err != nil { + resp.responsecode = http.StatusInternalServerError + resp.errorstring = err.Error() + } else { + resp.id = id + if _, exists := self.store[ctx.UserName]; !exists { + self.store[ctx.UserName] = make(map[string]*Session) + } + self.store[ctx.UserName][resp.id] = NewSession(ctx, func() { self.GetInterface().Remove(ctx.UserName, resp.id) }) + resp.session = self.store[ctx.UserName][resp.id].getInterface() + rhdl.Printf("SessionStore: created session for '%s' -> %s", ctx.UserName, resp.id) } - self.store[ctx.UserName][resp.id] = NewSession(ctx, func() { self.GetInterface().Remove(ctx.UserName, resp.id) }) - resp.session = self.store[ctx.UserName][resp.id].getInterface() - rhdl.Printf("SessionStore: created session for '%s' -> %s", ctx.UserName, resp.id) return } -- cgit v0.10.2