fix: auth flow

server/sessionstore/in_memory_session.go

@@ -1,6 +1,7 @@
 package sessionstore
 
 import (
+	"strings"
 	"sync"
 )
 
@@ -11,42 +12,6 @@ type InMemoryStore struct {
 	stateStore   map[string]string
 }
 
-// AddUserSession adds a user session to the in-memory store.
-func (c *InMemoryStore) AddUserSession(userId, accessToken, refreshToken string) {
-	c.mutex.Lock()
-	defer c.mutex.Unlock()
-	// delete sessions > 500 // not recommended for production
-	if len(c.sessionStore) >= 500 {
-		c.sessionStore = map[string]map[string]string{}
-	}
-	// check if entry exists in map
-	_, exists := c.sessionStore[userId]
-	if exists {
-		tempMap := c.sessionStore[userId]
-		tempMap[accessToken] = refreshToken
-		c.sessionStore[userId] = tempMap
-	} else {
-		tempMap := map[string]string{
-			accessToken: refreshToken,
-		}
-		c.sessionStore[userId] = tempMap
-	}
-}
-
-// DeleteAllUserSession deletes all the user sessions from in-memory store.
-func (c *InMemoryStore) DeleteAllUserSession(userId string) {
-	c.mutex.Lock()
-	defer c.mutex.Unlock()
-	delete(c.sessionStore, userId)
-}
-
-// DeleteUserSession deletes the particular user session from in-memory store.
-func (c *InMemoryStore) DeleteUserSession(userId, accessToken string) {
-	c.mutex.Lock()
-	defer c.mutex.Unlock()
-	delete(c.sessionStore[userId], accessToken)
-}
-
 // ClearStore clears the in-memory store.
 func (c *InMemoryStore) ClearStore() {
 	c.mutex.Lock()
@@ -54,32 +19,29 @@ func (c *InMemoryStore) ClearStore() {
 	c.sessionStore = map[string]map[string]string{}
 }
 
-// GetUserSession returns the user session token from the in-memory store.
-func (c *InMemoryStore) GetUserSession(userId, accessToken string) string {
-	// c.mutex.Lock()
-	// defer c.mutex.Unlock()
-
-	token := ""
-	if sessionMap, ok := c.sessionStore[userId]; ok {
-		if val, ok := sessionMap[accessToken]; ok {
-			token = val
-		}
-	}
-
-	return token
-}
-
 // GetUserSessions returns all the user session token from the in-memory store.
 func (c *InMemoryStore) GetUserSessions(userId string) map[string]string {
 	// c.mutex.Lock()
 	// defer c.mutex.Unlock()
-
-	sessionMap, ok := c.sessionStore[userId]
-	if !ok {
-		return nil
+	res := map[string]string{}
+	for k, v := range c.stateStore {
+		split := strings.Split(v, "@")
+		if split[1] == userId {
+			res[k] = split[0]
+		}
 	}
 
-	return sessionMap
+	return res
+}
+
+// DeleteAllUserSession deletes all the user sessions from in-memory store.
+func (c *InMemoryStore) DeleteAllUserSession(userId string) {
+	// c.mutex.Lock()
+	// defer c.mutex.Unlock()
+	sessions := GetUserSessions(userId)
+	for k := range sessions {
+		RemoveState(k)
+	}
 }
 
 // SetState sets the state in the in-memory store.

server/sessionstore/redis_store.go

@@ -2,8 +2,8 @@ package sessionstore
 
 import (
 	"context"
-	"fmt"
 	"log"
+	"strings"
 )
 
 type RedisStore struct {
@@ -11,32 +11,6 @@ type RedisStore struct {
 	store RedisSessionClient
 }
 
-// AddUserSession adds the user session to redis
-func (c *RedisStore) AddUserSession(userId, accessToken, refreshToken string) {
-	err := c.store.HMSet(c.ctx, "authorizer_"+userId, map[string]string{
-		accessToken: refreshToken,
-	}).Err()
-	if err != nil {
-		log.Fatalln("Error saving redis token:", err)
-	}
-}
-
-// DeleteAllUserSession deletes all the user session from redis
-func (c *RedisStore) DeleteAllUserSession(userId string) {
-	err := c.store.Del(c.ctx, "authorizer_"+userId).Err()
-	if err != nil {
-		log.Fatalln("Error deleting redis token:", err)
-	}
-}
-
-// DeleteUserSession deletes the particular user session from redis
-func (c *RedisStore) DeleteUserSession(userId, accessToken string) {
-	err := c.store.HDel(c.ctx, "authorizer_"+userId, accessToken).Err()
-	if err != nil {
-		log.Fatalln("Error deleting redis token:", err)
-	}
-}
-
 // ClearStore clears the redis store for authorizer related tokens
 func (c *RedisStore) ClearStore() {
 	err := c.store.Del(c.ctx, "authorizer_*").Err()
@@ -45,32 +19,40 @@ func (c *RedisStore) ClearStore() {
 	}
 }
 
-// GetUserSession returns the user session token from the redis store.
-func (c *RedisStore) GetUserSession(userId, accessToken string) string {
-	token := ""
-	res, err := c.store.HMGet(c.ctx, "authorizer_"+userId, accessToken).Result()
-	if err != nil {
-		log.Println("error getting token from redis store:", err)
-	}
-	if len(res) > 0 && res[0] != nil {
-		token = fmt.Sprintf("%v", res[0])
-	}
-	return token
-}
-
 // GetUserSessions returns all the user session token from the redis store.
 func (c *RedisStore) GetUserSessions(userID string) map[string]string {
-	res, err := c.store.HGetAll(c.ctx, "authorizer_"+userID).Result()
+	data, err := c.store.HGetAll(c.ctx, "*").Result()
 	if err != nil {
 		log.Println("error getting token from redis store:", err)
 	}
 
+	res := map[string]string{}
+	for k, v := range data {
+		split := strings.Split(v, "@")
+		if split[1] == userID {
+			res[k] = split[0]
+		}
+	}
+
 	return res
 }
 
+// DeleteAllUserSession deletes all the user session from redis
+func (c *RedisStore) DeleteAllUserSession(userId string) {
+	sessions := GetUserSessions(userId)
+	for k, v := range sessions {
+		if k == "token" {
+			err := c.store.Del(c.ctx, v)
+			if err != nil {
+				log.Println("Error deleting redis token:", err)
+			}
+		}
+	}
+}
+
 // SetState sets the state in redis store.
-func (c *RedisStore) SetState(key, state string) {
-	err := c.store.Set(c.ctx, key, state, 0).Err()
+func (c *RedisStore) SetState(key, value string) {
+	err := c.store.Set(c.ctx, key, value, 0).Err()
 	if err != nil {
 		log.Fatalln("Error saving redis token:", err)
 	}

server/sessionstore/session.go

@@ -22,26 +22,6 @@ type SessionStore struct {
 // reference to various session store instances
 var SessionStoreObj SessionStore
 
-// SetUserSession sets the user session in the session store
-func SetUserSession(userId, fingerprint, refreshToken string) {
-	if SessionStoreObj.RedisMemoryStoreObj != nil {
-		SessionStoreObj.RedisMemoryStoreObj.AddUserSession(userId, fingerprint, refreshToken)
-	}
-	if SessionStoreObj.InMemoryStoreObj != nil {
-		SessionStoreObj.InMemoryStoreObj.AddUserSession(userId, fingerprint, refreshToken)
-	}
-}
-
-// DeleteUserSession deletes the particular user session from the session store
-func DeleteUserSession(userId, fingerprint string) {
-	if SessionStoreObj.RedisMemoryStoreObj != nil {
-		SessionStoreObj.RedisMemoryStoreObj.DeleteUserSession(userId, fingerprint)
-	}
-	if SessionStoreObj.InMemoryStoreObj != nil {
-		SessionStoreObj.InMemoryStoreObj.DeleteUserSession(userId, fingerprint)
-	}
-}
-
 // DeleteAllSessions deletes all the sessions from the session store
 func DeleteAllUserSession(userId string) {
 	if SessionStoreObj.RedisMemoryStoreObj != nil {
@@ -52,18 +32,6 @@ func DeleteAllUserSession(userId string) {
 	}
 }
 
-// GetUserSession returns the user session from the session store
-func GetUserSession(userId, fingerprint string) string {
-	if SessionStoreObj.RedisMemoryStoreObj != nil {
-		return SessionStoreObj.RedisMemoryStoreObj.GetUserSession(userId, fingerprint)
-	}
-	if SessionStoreObj.InMemoryStoreObj != nil {
-		return SessionStoreObj.InMemoryStoreObj.GetUserSession(userId, fingerprint)
-	}
-
-	return ""
-}
-
 // GetUserSessions returns all the user sessions from the session store
 func GetUserSessions(userId string) map[string]string {
 	if SessionStoreObj.RedisMemoryStoreObj != nil {