Skip to main content

Session

Goffee provides a session system that allows you to store and retrieve user-specific data across requests. The session is backed by the cache system (Redis by default) and is tied to an authenticated user via JWT tokens.

The session implementation is provided in utils/session.go and includes the SessionUser struct with thread-safe methods for managing session data.

How it works

The session system works in two steps:

  1. Initialization - When a request comes in, call Init to validate the user's JWT token and cache entry. If valid, the session is loaded from the cache.
  2. Data management - Once initialized, you can set, get, delete, or flush session values that are persisted to the cache.

Initializing the session

Before you can use the session, you need to initialize it with the current request context:

#file: controllers/sample.go
package controllers

import (
    "git.smarteching.com/goffee/core"
    "git.smarteching.com/goffee/cup/utils"
)

func Dashboard(c *core.Context) *core.Response {
    session := &utils.SessionUser{}
    authenticated := session.Init(c)

    if !authenticated {
        return c.Response.Json(`{"error": "not authenticated"}`)
    }

    // Session is ready to use
    return c.Response.Json(`{"message": "welcome back"}`)
}

The Init method returns true if the session was successfully established. It performs the following checks:

  • Reads the JWT token from the cookie
  • Decodes the token and extracts the user ID
  • Verifies the token against the cached value (keyed by user ID and user agent)
  • Loads the user from the database
  • If all checks pass, loads any existing session data from the cache

Storing data in the session

Use Set to store values in the session. The data is automatically saved to the cache.

session.Set("theme", "dark")
session.Set("language", "en")
session.Set("items_in_cart", 3)

Retrieving data from the session

Use Get to retrieve values. It returns the value and a boolean indicating whether the key exists.

theme, ok := session.Get("theme")
if ok {
    // theme is available
}
itemsInCart, ok := session.Get("items_in_cart")

Deleting a single value

Use Delete to remove a specific key from the session. It returns the deleted value.

previousValue := session.Delete("items_in_cart")

Clearing the entire session

Use Flush to delete all session data from the cache.

session.Flush()

Getting the authenticated user ID

Use GetUserID to retrieve the ID of the authenticated user.

userID := session.GetUserID()

Complete example

Here is a complete example showing how to use the session in a controller:

#file: controllers/dashboard.go
package controllers

import (
    "git.smarteching.com/goffee/core"
    "git.smarteching.com/goffee/cup/utils"
)

func Dashboard(c *core.Context) *core.Response {
    session := &utils.SessionUser{}
    if !session.Init(c) {
        return c.Response.Json(`{"error": "not authenticated"}`)
    }

    // Track page visits
    visits, _ := session.Get("page_visits")
    count := 0
    if visits != nil {
        count = c.CastToInt(visits)
    }
    count++
    session.Set("page_visits", count)

    return c.Response.Json(map[string]interface{}{
        "user_id":     session.GetUserID(),
        "page_visits": count,
    })
}

Thread safety

All session operations (Set, Get, Delete, Save, Flush) are protected by a read-write mutex, making them safe for concurrent access.