From 99c9e145c1ed3b48862a4d2eae0dc191719e7bce Mon Sep 17 00:00:00 2001 From: dowwie Date: Thu, 11 Jul 2019 15:10:09 -0400 Subject: [PATCH 1/2] updated redis-session with comprehensive example and tests --- redis-session/Cargo.toml | 13 +- redis-session/README.md | 0 redis-session/src/main.rs | 254 +++++++++++++++++++++++++++++++++++--- 3 files changed, 247 insertions(+), 20 deletions(-) create mode 100644 redis-session/README.md diff --git a/redis-session/Cargo.toml b/redis-session/Cargo.toml index 7a6c64b1..eceeb0f6 100644 --- a/redis-session/Cargo.toml +++ b/redis-session/Cargo.toml @@ -1,13 +1,18 @@ [package] -name = "redis-session" +name = "redis_session_test" version = "0.1.0" authors = ["Nikolay Kim "] workspace = ".." edition = "2018" [dependencies] -actix = "0.8.2" actix-web = "1.0.3" -actix-session = "0.1.0" -actix-redis = { version = "0.6", features = ["web"] } +actix-session = "0.2.0" +actix-redis = { version = "0.6.0", features = ["web"] } env_logger = "0.6" +serde = { version = "^1.0", features = ["derive"] } +actix-service = "0.4.1" +actix-http-test = "0.2.2" +actix-http = "0.2.5" +serde_json = "1.0.40" +time = "0.1.42" diff --git a/redis-session/README.md b/redis-session/README.md new file mode 100644 index 00000000..e69de29b diff --git a/redis-session/src/main.rs b/redis-session/src/main.rs index 7dfe2132..944c3b9e 100644 --- a/redis-session/src/main.rs +++ b/redis-session/src/main.rs 
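Review bot: The crates added for the test module (`actix-http-test`, `actix-http`, `serde_json` and `time`) are listed under `[dependencies]`, although `src/main.rs` imports them only inside `#[cfg(test)] mod test`. Moving them into a `[dev-dependencies]` table keeps the test harness out of the release dependency graph, which leaves less third-party code to audit and update. `actix-service` is not referenced anywhere in the visible part of `main.rs`, so it may not be needed at all; worth confirming before merging.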
@@ -1,23 +1,66 @@ -//! Example of redis based session +//! Example of login and logout using redis-based sessions +//! +//! Every request gets a session, corresponding to a cache entry and cookie. +//! At login, the session key changes and session state in cache re-assigns. +//! At logout, session state in cache is removed and cookie is invalidated. //! -//! [User guide](https://actix.rs/book/actix-web/sec-9-middlewares.html#user-sessions) use actix_redis::RedisSession; use actix_session::Session; -use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer, Result}; +use actix_web::{middleware, web, App, HttpResponse, HttpServer, Result, + web::{resource, get, post}}; +use serde::{Deserialize, Serialize}; -/// simple handler -fn index(req: HttpRequest, session: Session) -> Result { - println!("{:?}", req); - // session - if let Some(count) = session.get::("counter")? { - println!("SESSION value: {}", count); - session.set("counter", count + 1)?; +#[derive(Serialize, Deserialize, Debug, PartialEq)] +pub struct IndexResponse { + user_id: Option, + counter: i32 +} + +fn index(session: Session) -> Result { + let user_id: Option = session.get::("user_id").unwrap(); + let counter: i32 = session.get::("counter") + .unwrap_or(Some(0)) + .unwrap_or(0); + + Ok(HttpResponse::Ok().json(IndexResponse{user_id, counter})) +} + + +fn do_something(session: Session) -> Result { + let user_id: Option = session.get::("user_id").unwrap(); + let counter: i32 = session.get::("counter") + .unwrap_or(Some(0)) + .map_or(1, |inner| inner + 1); + session.set("counter", counter)?; + + Ok(HttpResponse::Ok().json(IndexResponse{user_id, counter})) +} + +#[derive(Deserialize)] +struct Identity { + user_id: String +} +fn login(user_id: web::Json, session: Session) -> Result { + let id = user_id.into_inner().user_id; + session.set("user_id", &id)?; + session.renew(); + + let counter: i32 = session.get::("counter") + .unwrap_or(Some(0)) + .unwrap_or(0); + + 
Ok(HttpResponse::Ok().json(IndexResponse{user_id: Some(id), counter})) +} + +fn logout(session: Session) -> Result { + let id: Option = session.get("user_id")?; + if let Some(x) = id{ + session.purge(); + Ok(format!("Logged out: {}", x).into()) } else { - session.set("counter", 1)?; + Ok("Could not log out anonymous user".into()) } - - Ok("Welcome!".into()) } fn main() -> std::io::Result<()> { 
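Review bot: `login` writes the `user_id` from the request body straight into the session without checking any credential, so the example treats every caller as whoever they claim to be. Since examples get copied, a comment above `session.set("user_id", &id)?;` such as `// Demo only: authenticate the caller before storing an identity in the session` would make that explicit. The `session.renew()` call deserves a one-line comment saying it rotates the session key at login to prevent session fixation. Separately, `index` and `do_something` call `.unwrap()` on the `user_id` lookup, which panics in the handler if the stored value fails to deserialize, while `logout` already propagates with `?`; `let user_id: Option<String> = session.get("user_id")?;` would be consistent. The `.unwrap_or(Some(0))` on the counter likewise hides a store error, and in `do_something` the counter is then written back as 1.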
@@ -28,11 +71,190 @@ fn main() -> std::io::Result<()> { App::new() // redis session middleware .wrap(RedisSession::new("127.0.0.1:6379", &[0; 32])) - // enable logger - always register actix-web Logger middleware last + // enable logger - always register actix-web Logger middleware last .wrap(middleware::Logger::default()) - // register simple route, handle all methods - .service(web::resource("/").to(index)) + .service(resource("/").route(get().to(index))) + .service(resource("/do_something").route(post().to(do_something))) + .service(resource("/login").route(post().to(login))) + .service(resource("/logout").route(post().to(logout))) }) .bind("127.0.0.1:8080")? .run() } + + +#[cfg(test)] +mod test { + use super::*; + use actix_http::{HttpService, httpmessage::HttpMessage}; + use actix_http_test::{TestServer, block_on}; + use actix_web::{middleware, App, web::{resource, get, post}}; + use serde_json::json; + use time; + + #[test] + fn test_workflow() { + // Step 1: GET index + // - set-cookie actix-session will be in response (session cookie #1) + // - response should be: {"counter": 0, "user_id": None} + // Step 2: GET index, including session cookie #1 in request + // - set-cookie will *not* be in response + // - response should be: {"counter": 0, "user_id": None} + // Step 3: POST to do_something, including session cookie #1 in request + // - adds new session state in redis: {"counter": 1} + // - response should be: {"counter": 1, "user_id": None} + // Step 4: POST again to do_something, including session cookie #1 in request + // - updates session state in redis: {"counter": 2} + // - response should be: {"counter": 2, "user_id": None} + // Step 5: POST to login, including session cookie #1 in request + // - set-cookie actix-session will be in response (session cookie #2) + // - updates session state in redis: {"counter": 2, "user_id": "ferris"} + // Step 6: GET index, including session cookie #2 in request + // - response should be: {"counter": 2, "user_id": 
"ferris"} + // Step 7: POST again to do_something, including session cookie #2 in request + // - updates session state in redis: {"counter": 3, "user_id": "ferris"} + // - response should be: {"counter": 2, "user_id": None} + // Step 8: GET index, including session cookie #1 in request + // - set-cookie actix-session will be in response (session cookie #3) + // - response should be: {"counter": 0, "user_id": None} + // Step 9: POST to logout, including session cookie #2 + // - set-cookie actix-session will be in response with session cookie #2 + // invalidation logic + // Step 10: GET index, including session cookie #2 in request + // - set-cookie actix-session will be in response (session cookie #3) + // - response should be: {"counter": 0, "user_id": None} + + let mut srv = + TestServer::new(|| { + HttpService::new( + App::new() + .wrap(RedisSession::new("127.0.0.1:6379", &[0; 32]) + .cookie_name("test-session")) + .wrap(middleware::Logger::default()) + .service(resource("/").route(get().to(index))) + .service(resource("/do_something").route(post().to(do_something))) + .service(resource("/login").route(post().to(login))) + .service(resource("/logout").route(post().to(logout))) + ) + }); + + + // Step 1: GET index + // - set-cookie actix-session will be in response (session cookie #1) + // - response should be: {"counter": 0, "user_id": None} + let req_1a = srv.get("/").send(); + let mut resp_1 = srv.block_on(req_1a).unwrap(); + let cookie_1 = resp_1.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session") + .unwrap(); + let result_1 = block_on(resp_1.json::()).unwrap(); + assert_eq!(result_1, IndexResponse{user_id: None, counter: 0}); + + + // Step 2: GET index, including session cookie #1 in request + // - set-cookie will *not* be in response + // - response should be: {"counter": 0, "user_id": None} + let req_2 = srv.get("/").cookie(cookie_1.clone()).send(); + let resp_2 = srv.block_on(req_2).unwrap(); + let cookie_2 = 
resp_2.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session"); + assert_eq!(cookie_2, None); + + + // Step 3: POST to do_something, including session cookie #1 in request + // - adds new session state in redis: {"counter": 1} + // - response should be: {"counter": 1, "user_id": None} + let req_3 = srv.post("/do_something").cookie(cookie_1.clone()).send(); + let mut resp_3 = srv.block_on(req_3).unwrap(); + let result_3 = block_on(resp_3.json::()).unwrap(); + assert_eq!(result_3, IndexResponse{user_id: None, counter: 1}); + + + // Step 4: POST again to do_something, including session cookie #1 in request + // - updates session state in redis: {"counter": 2} + // - response should be: {"counter": 2, "user_id": None} + let req_4 = srv.post("/do_something").cookie(cookie_1.clone()).send(); + let mut resp_4 = srv.block_on(req_4).unwrap(); + let result_4 = block_on(resp_4.json::()).unwrap(); + assert_eq!(result_4, IndexResponse{user_id: None, counter: 2}); + + + // Step 5: POST to login, including session cookie #1 in request + // - set-cookie actix-session will be in response (session cookie #2) + // - updates session state in redis: {"counter": 2, "user_id": "ferris"} + let req_5 = srv.post("/login") + .cookie(cookie_1.clone()) + .send_json(&json!({"user_id": "ferris"})); + let mut resp_5 = srv.block_on(req_5).unwrap(); + let cookie_2 = resp_5.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session") + .unwrap(); + assert_eq!(true, cookie_1.value().to_string() != cookie_2.value().to_string()); + + let result_5 = block_on(resp_5.json::()).unwrap(); + assert_eq!(result_5, IndexResponse{user_id: Some("ferris".into()), counter: 2}); + + + // Step 6: GET index, including session cookie #2 in request + // - response should be: {"counter": 2, "user_id": "ferris"} + let req_6 = srv.get("/") + .cookie(cookie_2.clone()) + .send(); + let mut resp_6 = srv.block_on(req_6).unwrap(); + let result_6 = block_on(resp_6.json::()).unwrap(); + 
assert_eq!(result_6, IndexResponse{user_id: Some("ferris".into()), counter: 2}); + + + // Step 7: POST again to do_something, including session cookie #2 in request + // - updates session state in redis: {"counter": 3, "user_id": "ferris"} + // - response should be: {"counter": 2, "user_id": None} + let req_7 = srv.post("/do_something").cookie(cookie_2.clone()).send(); + let mut resp_7 = srv.block_on(req_7).unwrap(); + let result_7 = block_on(resp_7.json::()).unwrap(); + assert_eq!(result_7, IndexResponse{user_id: Some("ferris".into()), counter: 3}); + + + // Step 8: GET index, including session cookie #1 in request + // - set-cookie actix-session will be in response (session cookie #3) + // - response should be: {"counter": 0, "user_id": None} + let req_8 = srv.get("/") + .cookie(cookie_1.clone()) + .send(); + let mut resp_8 = srv.block_on(req_8).unwrap(); + let cookie_3 = resp_8.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session") + .unwrap(); + let result_8 = block_on(resp_8.json::()).unwrap(); + assert_eq!(result_8, IndexResponse{user_id: None, counter: 0}); + assert!(cookie_3.value().to_string() != cookie_2.value().to_string()); + + + // Step 9: POST to logout, including session cookie #2 + // - set-cookie actix-session will be in response with session cookie #2 + // invalidation logic + let req_9 = srv.post("/logout") + .cookie(cookie_2.clone()) + .send(); + let resp_9 = srv.block_on(req_9).unwrap(); + let cookie_4 = resp_9.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session") + .unwrap(); + assert!(&time::now().tm_year != &cookie_4.expires().map(|t| t.tm_year).unwrap()); + + + // Step 10: GET index, including session cookie #2 in request + // - set-cookie actix-session will be in response (session cookie #3) + // - response should be: {"counter": 0, "user_id": None} + let req_10 = srv.get("/") + .cookie(cookie_2.clone()) + .send(); + let mut resp_10 = srv.block_on(req_10).unwrap(); + let result_10 = 
block_on(resp_10.json::()).unwrap(); + assert_eq!(result_10, IndexResponse{user_id: None, counter: 0}); + + let cookie_5 = resp_10.cookies().unwrap().clone() + .into_iter().find(|c| c.name() == "test-session") + .unwrap(); + assert!(cookie_5.value().to_string() != cookie_2.value().to_string()); + } +} \ No newline at end of file From 858376ecda607f21b9cfba063563c41f4a42b675 Mon Sep 17 00:00:00 2001 From: dowwie Date: Thu, 11 Jul 2019 15:27:17 -0400 Subject: [PATCH 2/2] renamed package --- redis-session/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redis-session/Cargo.toml b/redis-session/Cargo.toml index eceeb0f6..edd40825 100644 --- a/redis-session/Cargo.toml +++ b/redis-session/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "redis_session_test" +name = "redis_session" version = "0.1.0" authors = ["Nikolay Kim "] workspace = ".."
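Review bot: The Step 9 check `&time::now().tm_year != &cookie_4.expires()...tm_year` passes for any expiry whose year differs from the current one, including a future date, so it does not show that logout invalidated the cookie. Comparing instants would, e.g. `assert!(cookie_4.expires().unwrap().to_timespec() < time::now().to_timespec());`. Both copies of the Step 7 comment still say the response should be `{"counter": 2, "user_id": None}` while the assertion expects `counter: 3` for `ferris`, and the Step 8 and Step 10 comments both call their new cookie "session cookie #3". The test server repeats `RedisSession::new("127.0.0.1:6379", &[0; 32])`; an all-zero key is fine in a test, but the same literal in `main` (which begins outside this hunk) should carry a comment like `// demo key: load a random secret from configuration in real deployments`, because a publicly known key (used, as far as I can tell, to sign the session cookie) gives the cookie no integrity protection. The test also needs a Redis instance on 127.0.0.1:6379, so marking it `#[ignore]` or documenting the requirement in the still-empty README would keep `cargo test` from failing where none is running.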