Store OAuth2 session data in database #3660
Conversation
Codecov Report
@@ Coverage Diff @@
## master #3660 +/- ##
==========================================
- Coverage 23.3% 23.29% -0.01%
==========================================
Files 126 126
Lines 24999 25002 +3
==========================================
Hits 5825 5825
- Misses 18286 18289 +3
Partials 888 888
Continue to review full report at Codecov.
|
tboerger
added
the
lgtm/need 2
| } | ||
|
|
||
| if !st.opts.SkipCreateTable { | ||
| st.e.Sync2(&xormSession{tableName: st.opts.TableName}) |
|
@lafriks why save OAuth session to database not in file system? |
|
@lunny probably currently there is no real reason. I wrote this code when trying to fix oath2 bug but error that file session storage was throwing about trying to delete unexisting file was just a consequence not a real source for that bug. |
|
@lafriks seems good enough. Please follow my review, otherwise LGTM. |
tboerger
added
lgtm/need 1
modules/auth/oauth2/oauth2.go
Outdated
| store := sessions.NewFilesystemStore(sessionDir, []byte(sessionUsersStoreKey)) | ||
| func Init(x *xorm.Engine) { | ||
| store := xormstore.NewOptions(x, xormstore.Options{ | ||
| TableName: "oauth2_sessions", |
There was a problem hiding this comment.
IMHO we should use oauth2_session instead of oauth2_sessions because we currently use the singular for table names.
|
@JonasFranzDEV ~~~did you clear cookies (could be that some old cookie still be left that was stored in file system)?~~~ try again, there was not updated goth libs that actually fixed github authorization |
| } | ||
|
|
||
| type xormSession struct { | ||
| ID string `xorm:"VARCHAR(400) PK NAME 'id'"` |
There was a problem hiding this comment.
VARCHAR(400) results in an error when I use mysql:
panic: Error 1071: Specified key was too long; max key length is 767 bytes
goroutine 1 [running]:
code.gitea.io/gitea/vendor/github.com/lafriks/xormstore.NewOptions(0xc4206680b0, 0x113ce57, 0xf, 0xc42067d600, 0xc4206fb8f0, 0x1, 0x1, 0x0)
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/vendor/github.com/lafriks/xormstore/xormstore.go:108 +0x2d2
code.gitea.io/gitea/modules/auth/oauth2.Init(0xc4206680b0)
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/modules/auth/oauth2/oauth2.go:44 +0xb9
code.gitea.io/gitea/models.InitOAuth2()
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/models/oauth2.go:101 +0x3f
code.gitea.io/gitea/routers.GlobalInit()
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/routers/init.go:63 +0x56e
code.gitea.io/gitea/cmd.runWeb(0xc420344000, 0x0, 0x0)
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/cmd/web.go:83 +0xa8
code.gitea.io/gitea/vendor/github.com/urfave/cli.HandleAction(0xfb0900, 0x117e690, 0xc420344000, 0xc42020f440, 0x0)
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:471 +0xad
code.gitea.io/gitea/vendor/github.com/urfave/cli.(*App).Run(0xc4200d5040, 0xc420030190, 0x1, 0x1, 0x0, 0x0)
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:246 +0x542
main.main()
/mnt/local_storage/jonasfranz/Go/src/code.gitea.io/gitea/main.go:52 +0x40e
The error is returned at line 106 and is actually not handled!
When I change this to VARCHAR(200) for example, no error is thrown.
|
@lafriks Now the authentication works (except the error reported (mysql)) but the table is empty. Is that an excepted behaviour? |
|
@JonasFranzDEV it depends on goth lib usage and in how it is currently done in gitea it seams to store session only between when you redirect to oauth2 provider and when you get session back. |
lafriks
force-pushed
the
feat/xormstore_oath2_sessions
branch
from
eb61efd to
6858da3
Compare
|
@lunny @JonasFranzDEV fixed |
bkcsoft
added
lgtm/done
|
Make LG-TM work |
|
@lafriks this pr is update to latest master commit. Code Review is passed already. |
Currently OAuth2 sessions are saved only on filesystem in sessions directory independently of where gitea session is actually saved