Make SessionStore a proper singleton
- SessionStore class now has a proper singleton structure
- session_storage_singleton.hpp is removed
- from_json(..) function for SessionStore is changed to a specialized
template
- minor cosmetic fixes added
- Move the template class usages of Crow App over to a non-template
parameter
Change-Id: Ic9effd5b7bac089a84c80a0caa97bd46d4984416
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp
index 77a5bbb..cf32e07 100644
--- a/include/persistent_data_middleware.hpp
+++ b/include/persistent_data_middleware.hpp
@@ -2,9 +2,9 @@
#include <nlohmann/json.hpp>
#include <pam_authenticate.hpp>
+#include <sessions.hpp>
#include <webassets.hpp>
#include <random>
-#include "session_storage_singleton.hpp"
#include <crow/app.h>
#include <crow/http_request.h>
#include <crow/http_response.h>
@@ -28,7 +28,7 @@
Middleware() { read_data(); }
~Middleware() {
- if (PersistentData::session_store->needs_write()) {
+ if (PersistentData::SessionStore::getInstance().needs_write()) {
write_data();
}
}
@@ -68,11 +68,12 @@
if (jSessions != data.end()) {
if (jSessions->is_object()) {
for (const auto& elem : *jSessions) {
- std::shared_ptr<UserSession> newSession = std::make_shared<UserSession>();
+ std::shared_ptr<UserSession> newSession =
+ std::make_shared<UserSession>();
if (newSession->fromJson(elem)) {
- session_store->auth_tokens.emplace(newSession->unique_id,
- newSession);
+ SessionStore::getInstance().auth_tokens.emplace(
+ newSession->unique_id, newSession);
}
}
}
@@ -97,7 +98,7 @@
void write_data() {
std::ofstream persistent_file(filename);
nlohmann::json data;
- data["sessions"] = PersistentData::session_store->auth_tokens;
+ data["sessions"] = PersistentData::SessionStore::getInstance().auth_tokens;
data["system_uuid"] = system_uuid;
data["revision"] = json_revision;
persistent_file << data;
@@ -106,5 +107,5 @@
std::string system_uuid;
};
-} // namespaec PersistentData
+} // namespace PersistentData
} // namespace crow
diff --git a/include/session_storage_singleton.hpp b/include/session_storage_singleton.hpp
deleted file mode 100644
index 6ff8a0e..0000000
--- a/include/session_storage_singleton.hpp
+++ /dev/null
@@ -1,10 +0,0 @@
-#pragma once
-#include "sessions.hpp"
-
-namespace crow {
-namespace PersistentData {
-
-static std::shared_ptr<SessionStore> session_store;
-
-} // namespace PersistentData
-} // namespace crow
diff --git a/include/sessions.hpp b/include/sessions.hpp
index fdd1200..b0fe112 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -73,20 +73,10 @@
}
};
-void to_json(nlohmann::json& j, const std::shared_ptr<UserSession> p) {
- if (p->persistence != PersistenceType::SINGLE_REQUEST) {
- j = {{"unique_id", p->unique_id},
- {"session_token", p->session_token},
- {"username", p->username},
- {"csrf_token", p->csrf_token}};
- }
-}
-
class Middleware;
class SessionStore {
public:
- SessionStore() : timeout_in_minutes(60) {}
std::shared_ptr<UserSession> generate_user_session(
const boost::string_view username,
PersistenceType persistence = PersistenceType::TIMEOUT) {
@@ -184,7 +174,17 @@
// structure, which is private
friend Middleware;
+ static SessionStore& getInstance() {
+ static SessionStore sessionStore;
+ return sessionStore;
+ }
+
+ SessionStore(const SessionStore&) = delete;
+ SessionStore& operator=(const SessionStore&) = delete;
+
private:
+ SessionStore() : timeout_in_minutes(60) {}
+
void apply_session_timeouts() {
auto time_now = std::chrono::steady_clock::now();
if (time_now - last_timeout_update > std::chrono::minutes(1)) {
@@ -211,3 +211,21 @@
} // namespace PersistentData
} // namespace crow
+
+// to_json(...) definition for objects of UserSession type
+namespace nlohmann {
+template <>
+struct adl_serializer<std::shared_ptr<crow::PersistentData::UserSession>> {
+ static void to_json(
+ nlohmann::json& j,
+ const std::shared_ptr<crow::PersistentData::UserSession>& p) {
+ if (p->persistence !=
+ crow::PersistentData::PersistenceType::SINGLE_REQUEST) {
+ j = nlohmann::json{{"unique_id", p->unique_id},
+ {"session_token", p->session_token},
+ {"username", p->username},
+ {"csrf_token", p->csrf_token}};
+ }
+ }
+};
+} // namespace nlohmann
diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp
index a40469f..f151e4f 100644
--- a/include/token_authorization_middleware.hpp
+++ b/include/token_authorization_middleware.hpp
@@ -76,7 +76,7 @@
if (ctx.session != nullptr &&
ctx.session->persistence ==
crow::PersistentData::PersistenceType::SINGLE_REQUEST) {
- PersistentData::session_store->remove_session(ctx.session);
+ PersistentData::SessionStore::getInstance().remove_session(ctx.session);
}
}
@@ -114,7 +114,7 @@
// needed.
// This whole flow needs to be revisited anyway, as we can't be
// calling directly into pam for every request
- return PersistentData::session_store->generate_user_session(
+ return PersistentData::SessionStore::getInstance().generate_user_session(
user, crow::PersistentData::PersistenceType::SINGLE_REQUEST);
}
@@ -123,7 +123,9 @@
CROW_LOG_DEBUG << "[AuthMiddleware] Token authentication";
boost::string_view token = auth_header.substr(strlen("Token "));
- auto session = PersistentData::session_store->login_session_by_token(token);
+ auto session =
+ PersistentData::SessionStore::getInstance().login_session_by_token(
+ token);
return session;
}
@@ -135,7 +137,9 @@
if (token.empty()) {
return nullptr;
}
- auto session = PersistentData::session_store->login_session_by_token(token);
+ auto session =
+ PersistentData::SessionStore::getInstance().login_session_by_token(
+ token);
return session;
}
@@ -161,7 +165,8 @@
cookie_value.substr(start_index, end_index - start_index);
const std::shared_ptr<crow::PersistentData::UserSession> session =
- PersistentData::session_store->login_session_by_token(auth_key);
+ PersistentData::SessionStore::getInstance().login_session_by_token(
+ auth_key);
if (session == nullptr) {
return nullptr;
}
@@ -303,8 +308,8 @@
if (!pam_authenticate_user(username, password)) {
res.result(boost::beast::http::status::unauthorized);
} else {
- auto session =
- PersistentData::session_store->generate_user_session(username);
+ auto session = PersistentData::SessionStore::getInstance()
+ .generate_user_session(username);
if (looks_like_ibm) {
// IBM requires a very specific login structure, and doesn't
@@ -341,18 +346,17 @@
});
CROW_ROUTE(app, "/logout")
- .methods("POST"_method)(
- [&](const crow::request& req, crow::response& res) {
- auto& session =
- app.template get_context<TokenAuthorization::Middleware>(req)
- .session;
- if (session != nullptr) {
- PersistentData::session_store->remove_session(session);
- }
- res.end();
- return;
-
- });
+ .methods(
+ "POST"_method)([&](const crow::request& req, crow::response& res) {
+ auto& session =
+ app.template get_context<TokenAuthorization::Middleware>(req)
+ .session;
+ if (session != nullptr) {
+ PersistentData::SessionStore::getInstance().remove_session(session);
+ }
+ res.end();
+ return;
+ });
}
} // namespace TokenAuthorization
} // namespace crow
diff --git a/include/webserver_common.hpp b/include/webserver_common.hpp
index 1ba091b..4d88629 100644
--- a/include/webserver_common.hpp
+++ b/include/webserver_common.hpp
@@ -15,6 +15,7 @@
*/
#pragma once
+#include "security_headers_middleware.hpp"
#include "token_authorization_middleware.hpp"
#include "security_headers_middleware.hpp"
#include "webserver_common.hpp"
@@ -22,4 +23,3 @@
using CrowApp = crow::App<crow::PersistentData::Middleware,
crow::TokenAuthorization::Middleware,
crow::SecurityHeadersMiddleware>;
-