| 167 | } |
| 168 | |
| 169 | func (store *UserSessionStore) New(r *http.Request, name string) (*sessions.Session, error) { |
| 170 | session := sessions.NewSession(store, name) |
| 171 | |
| 172 | if session == nil { |
| 173 | return nil, fmt.Errorf("could not create new session") |
| 174 | } |
| 175 | |
| 176 | opts := *store.options |
| 177 | session.Options = &(opts) |
| 178 | session.IsNew = true |
| 179 | |
| 180 | var err error |
| 181 | if c, errCookie := r.Cookie(name); errCookie == nil { |
| 182 | err = securecookie.DecodeMulti(name, c.Value, &session.ID, store.codecs...) |
| 183 | if err == nil { |
| 184 | err = store.load(r.Context(), session) |
| 185 | |
| 186 | if err != nil { |
| 187 | if errors.Is(err, pgx.ErrNoRows) { |
| 188 | err = nil |
| 189 | } else if strings.Contains(err.Error(), "expired timestamp") { |
| 190 | err = nil |
| 191 | session.IsNew = false |
| 192 | } |
| 193 | } else { |
| 194 | session.IsNew = false |
| 195 | } |
| 196 | } else if strings.Contains(err.Error(), "the value is not valid") { |
| 197 | // this error occurs if the encryption keys have been rotated, in which case we'd like a new cookie |
| 198 | err = nil |
| 199 | session.IsNew = true |
| 200 | } |
| 201 | } |
| 202 | |
| 203 | store.MaxAge(store.options.MaxAge) |
| 204 | |
| 205 | return session, err |
| 206 | } |
| 207 | |
| 208 | // Get Fetches a session for a given name after it has been added to the |
| 209 | // registry. |