init work on redis session

examples/php-singlesite/docker-compose.yml

@@ -68,4 +68,4 @@ networks:
       config:
         - subnet: 10.20.30.0/24
   bw-services:
-  net-docker:
+  bw-docker:

src/bw/lua/clusterstore.lua

@@ -12,6 +12,7 @@ function M:connect()
     local variables = {
         ["REDIS_HOST"] = "",
         ["REDIS_PORT"] = "",
+        ["REDIS_DATABASE"] = "",
         ["REDIS_SSL"] = "",
         ["REDIS_TIMEOUT"] = "",
         ["REDIS_KEEPALIVE_IDLE"] = "",
@@ -28,15 +29,25 @@ function M:connect()
     redis_client:set_timeouts(tonumber(variables["REDIS_TIMEOUT"]), tonumber(variables["REDIS_TIMEOUT"]), tonumber(variables["REDIS_TIMEOUT"]))
     -- Connect
     local options = {
-        ["ssl"] = false
+        ssl = variables["REDIS_SSL"] == "yes",
+        pool = "bw",
+        pool_size = tonumber(variables["REDIS_KEEPALIVE_POOL"])
     }
-    if variables["REDIS_SSL"] == "yes" then
-        options["ssl"] = true
-    end
     local ok, err = redis_client:connect(variables["REDIS_HOST"], tonumber(variables["REDIS_PORT"]), options)
     if not ok then
         return false, err
     end
+    -- Select database if needed
+    local times, err = redis_client:get_reused_times()
+    if err then
+        return false, err
+    end
+    if times == 0 then
+        local select, err = redis_client:select(tonumber(variables["REDIS_DATABASE"]))
+        if err then
+            return false, err
+        end
+    end
     return redis_client
 end
 

src/common/core/antibot/confs/http/antibot.conf

@@ -1,9 +0,0 @@
-map "{{ ANTIBOT_SESSION_SECRET }}" $session_secret {
-	default "{{ ANTIBOT_SESSION_SECRET }}";
-	"random" "{{ random(32) }}";
-}
-
-map "{{ ANTIBOT_SESSION_NAME }}" $session_name {
-	default "{{ ANTIBOT_SESSION_NAME }}";
-	"random" "{{ random(16) }}";
-}

src/common/core/antibot/plugin.json

@@ -31,24 +31,6 @@
       "regex": "^/[\\w\\].~:/?#[@!$&'()*+,;=-]*$",
       "type": "text"
     },
-    "ANTIBOT_SESSION_SECRET": {
-      "context": "global",
-      "default": "random",
-      "help": "Secret used to encrypt sessions variables for storing data related to challenges.",
-      "id": "antibot-session-secret",
-      "label": "Antibot Session secret",
-      "regex": "^(random|\\w+)$",
-      "type": "password"
-    },
-    "ANTIBOT_SESSION_NAME": {
-      "context": "global",
-      "default": "random",
-      "help": "Name of the cookie used by the antibot feature.",
-      "id": "antibot-session-name",
-      "label": "Antibot Session name",
-      "regex": "^(random|\\w+)$",
-      "type": "text"
-    },
     "ANTIBOT_RECAPTCHA_SCORE": {
       "context": "multisite",
       "default": "0.7",

src/common/core/redis/plugin.json

@@ -32,6 +32,15 @@
       "regex": "^[0-9]+$",
       "type": "text"
     },
+    "REDIS_DATABASE": {
+      "context": "global",
+      "default": "0",
+      "help": "Redis database number.",
+      "id": "redis-database",
+      "label": "Redis database",
+      "regex": "^[0-9]+$",
+      "type": "text"
+    },
     "REDIS_SSL": {
       "context": "global",
       "default": "no",

src/common/core/redis/redis.lua

@@ -1,11 +1,12 @@
 local _M = {}
 _M.__index = _M
 
-local utils		= require "utils"
-local datastore	= require "datastore"
-local logger	= require "logger"
-local cjson		= require "cjson"
-local resolver	= require "resty.dns.resolver"
+local utils			= require "utils"
+local datastore		= require "datastore"
+local logger		= require "logger"
+local cjson			= require "cjson"
+local resolver		= require "resty.dns.resolver"
+local clusterstore	= require "clusterstore"
 
 function _M.new()
 	local self = setmetatable({}, _M)
@@ -21,7 +22,21 @@ function _M:init()
 	if use_redis ~= "yes" then
 		return true, "redis not used"
 	end
-	-- TODO : check redis connectivity
+	-- Check redis connection
+	local redis_client, err = clusterstore:connect()
+	if not redis_client then
+		return false, "can't connect to redis server"
+	end
+	local ok, err = redis_client:ping()
+	if err then
+		clusterstore:close(redis_client)
+		return false, "error while sending ping command : " .. err
+	end
+	if not ok then
+		clusterstore:close(redis_client)
+		return false, "ping command failed"
+	end
+	clusterstore:close(redis_client)
 	return true, "redis ping successful"
 end
 

src/common/core/session/plugin.json

@@ -0,0 +1,27 @@
+{
+  "id": "session",
+  "order": 999,
+  "name": "Session",
+  "description": "Management of session used by other plugins.",
+  "version": "0.1",
+  "settings": {
+    "SESSION_SECRET": {
+      "context": "global",
+      "default": "random",
+      "help": "Secret used to encrypt sessions variables for storing data related to challenges.",
+      "id": "session-secret",
+      "label": "Session secret",
+      "regex": "^\\w+$",
+      "type": "password"
+    },
+    "SESSION_NAME": {
+      "context": "global",
+      "default": "random",
+      "help": "Name of the cookie given to clients.",
+      "id": "session-name",
+      "label": "Session name",
+      "regex": "^\\w+$",
+      "type": "text"
+    }
+  }
+}

src/common/core/session/session.lua

@@ -0,0 +1,84 @@
+local _M = {}
+_M.__index = _M
+
+local utils			= require "utils"
+local session   	= require "resty.session"
+
+function _M.new()
+	local self = setmetatable({}, _M)
+	return self, nil
+end
+
+function _M:init()
+    -- Get vars
+    local vars = {
+        ["SESSION_SECRET"] = "",
+        ["SESSION_NAME"] = "",
+        ["SESSION_IDLING_TIMEOUT"] = "",
+        ["SESSION_ROLLING_TIMEOUT"] = "",
+        ["SESSION_ABSOLUTE_TIMEOUT"] = "",
+        ["USE_REDIS"] = "",
+        ["REDIS_HOST"] = "",
+        ["REDIS_PORT"] = "",
+        ["REDIS_SSL"] = "",
+        ["REDIS_TIMEOUT"] = "",
+        ["REDIS_KEEPALIVE_IDLE"] = "",
+        ["REDIS_KEEPALIVE_POOL"] = ""
+    }
+    for k, v in pairs(vars) do
+        local var, err = utils.get_variable(k, false)
+        if var == nil then
+            return false, "can't get " .. k .. " variable : " .. err
+        end
+    end
+    -- Init configuration
+    local config = {
+        secret = vars["SESSION_SECRET"],
+        cookie_name = vars["SESSION_NAME"],
+        idling_timeout = tonumber(vars["SESSION_IDLING_TIMEOUT"]),
+        rolling_timeout = tonumber(vars["SESSION_ROLLING_TIMEOUT"]),
+        absolute_timeout = tonumber(vars["SESSION_ABSOLUTE_TIMEOUT"])
+    }
+    if vars["SESSION_SECRET"] == "random" then
+        config.secret = utils.rand(16)
+    end
+    if vars["SESSION_NAME"] == "random" then
+        config.cookie_name = utils.rand(16)
+    end
+    if vars["USE_REDIS"] == "no" then
+        config.storage = "cookie"
+    else
+        config.storage = "redis"
+        config.redis = {
+            prefix = "session_",
+            connect_timeout = tonumber(vars["REDIS_TIMEOUT"]),
+            send_timeout = tonumber(vars["REDIS_TIMEOUT"]),
+            read_timeout = tonumber(vars["REDIS_TIMEOUT"]),
+            keepalive_timeout = tonumber(vars["REDIS_KEEPALIVE_IDLE"]),
+            pool = "bw",
+            pool_size = tonumber(vars["REDIS_KEEPALIVE_POOL"]),
+            ssl = vars["REDIS_SSL"] == "yes",
+            host = vars["REDIS_HOST"],
+            port = tonumber(vars["REDIS_HOST"]),
+            database = tonumber(vars["REDIS_DATABASE"])
+        }
+    end
+    session.init(config)
+end
+
+function _M:access()
+    -- Start session and refresh it if needed
+    local client_session, err, exists, refreshed = session.start()
+    if err then
+        return false, "can't open session : " .. err, nil, nil
+    end
+    -- Refresh it
+    if exists then
+        local ok, err = client_session:refresh()
+        if err then
+            return false, "can't refresh session : " .. err, nil, nil
+        end
+    end
+end
+
+return _M