mirror/syncthing
1
0
Fork 0
mirror of https://github.com/syncthing/syncthing.git synced 2026-01-29 08:13:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
541678ad9e62c8a6848d0f20fdc8ed5f4e92522e
syncthing/lib/api/tokenmanager.go
Jakob Borg 836045ee87 feat: switch logging framework (#10220) 
This updates our logging framework from legacy freetext strings using
the `log` package to structured log entries using `log/slog`. I have
updated all INFO or higher level entries, but not yet DEBUG (😓)... So,
at a high level:

There is a slight change in log levels, effectively adding a new warning
level:

- DEBUG is still debug (ideally not for users but developers, though
this is something we need to work on)
- INFO is still info, though I've added more data here, effectively
making Syncthing more verbose by default (more on this below)
- WARNING is a new log level that is different from the _old_ WARNING
(more below)
- ERROR is what was WARNING before -- problems that must be dealt with,
and also bubbled as a popup in the GUI.

A new feature is that the logging level can be set per package to
something other than just debug or info, and hence I feel that we can
add a bit more things into INFO while moving some (in fact, most)
current INFO level warnings into WARNING. For example, I think it's
justified to get a log of synced files in INFO and sync failures in
WARNING. These are things that have historically been tricky to debug
properly, and having more information by default will be useful to many,
while still making it possible get close to told level of inscrutability
by setting the log level to WARNING. I'd like to get to a stage where
DEBUG is never necessary to just figure out what's going on, as opposed
to trying to narrow down a likely bug.

Code wise:

- Our logging object, generally known as `l` in each package, is now a
new adapter object that provides the old API on top of the newer one.
(This should go away once all old log entries are migrated.) This is
only for `l.Debugln` and `l.Debugf`.
- There is a new level tracker that keeps the log level for each
package.
- There is a nested setup of handlers, since the structure mandated by
`log/slog` is slightly convoluted (imho). We do this because we need to
do formatting at a "medium" level internally so we can buffer log lines
in text format but with separate timestamp and log level for the API/GUI
to consume.
- The `debug` API call becomes a `loglevels` API call, which can set the
log level to `DEBUG`, `INFO`, `WARNING` or `ERROR` per package. The GUI
is updated to handle this.
- Our custom `sync` package provided some debugging of mutexes quite
strongly integrated into the old logging framework, only turned on when
`STTRACE` was set to certain values at startup, etc. It's been a long
time since this has been useful; I removed it.
- The `STTRACE` env var remains and can be used the same way as before,
while additionally permitting specific log levels to be specified,
`STTRACE=model:WARN,scanner:DEBUG`.
- There is a new command line option `--log-level=INFO` to set the
default log level.
- The command line options `--log-flags` and `--verbose` go away, but
are currently retained as hidden & ignored options since we set them by
default in some of our startup examples and Syncthing would otherwise
fail to start.

Sample format messages:

```
2009-02-13 23:31:30 INF A basic info line (attr1="val with spaces" attr2=2 attr3="val\"quote" a=a log.pkg=slogutil)
2009-02-13 23:31:30 INF An info line with grouped values (attr1=val1 foo.attr2=2 foo.bar.attr3=3 a=a log.pkg=slogutil)
2009-02-13 23:31:30 INF An info line with grouped values via logger (foo.attr1=val1 foo.attr2=2 a=a log.pkg=slogutil)
2009-02-13 23:31:30 INF An info line with nested grouped values via logger (bar.foo.attr1=val1 bar.foo.attr2=2 a=a log.pkg=slogutil)
2009-02-13 23:31:30 WRN A warning entry (a=a log.pkg=slogutil)
2009-02-13 23:31:30 ERR An error (a=a log.pkg=slogutil)
```

---------

Co-authored-by: Ross Smith II <ross@smithii.com>
2025-08-07 11:19:36 +02:00

228 lines
5.9 KiB
Go
Raw Blame History

// Copyright (C) 2024 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.
package api
import (
"net/http"
"slices"
"strings"
"sync"
"time"
"google.golang.org/protobuf/proto"
"github.com/syncthing/syncthing/internal/db"
"github.com/syncthing/syncthing/internal/gen/apiproto"
"github.com/syncthing/syncthing/lib/config"
"github.com/syncthing/syncthing/lib/events"
"github.com/syncthing/syncthing/lib/rand"
)
type tokenManager struct {
key string
miscDB *db.Typed
lifetime time.Duration
maxItems int
timeNow func() time.Time // can be overridden for testing
mut sync.Mutex
tokens *apiproto.TokenSet
saveTimer *time.Timer
}
func newTokenManager(key string, miscDB *db.Typed, lifetime time.Duration, maxItems int) *tokenManager {
var tokens apiproto.TokenSet
if bs, ok, _ := miscDB.Bytes(key); ok {
_ = proto.Unmarshal(bs, &tokens) // best effort
}
if tokens.Tokens == nil {
tokens.Tokens = make(map[string]int64)
}
return &tokenManager{
key: key,
miscDB: miscDB,
lifetime: lifetime,
maxItems: maxItems,
timeNow: time.Now,
tokens: &tokens,
}
}
// Check returns true if the token is valid, and updates the token's expiry
// time. The token is removed if it is expired.
func (m *tokenManager) Check(token string) bool {
m.mut.Lock()
defer m.mut.Unlock()
expires, ok := m.tokens.Tokens[token]
if ok {
if expires < m.timeNow().UnixNano() {
// The token is expired.
m.saveLocked() // removes expired tokens
return false
}
// Give the token further life.
m.tokens.Tokens[token] = m.timeNow().Add(m.lifetime).UnixNano()
m.saveLocked()
}
return ok
}
// New creates a new token and returns it.
func (m *tokenManager) New() string {
token := rand.String(randomTokenLength)
m.mut.Lock()
defer m.mut.Unlock()
m.tokens.Tokens[token] = m.timeNow().Add(m.lifetime).UnixNano()
m.saveLocked()
return token
}
// Delete removes a token.
func (m *tokenManager) Delete(token string) {
m.mut.Lock()
defer m.mut.Unlock()
delete(m.tokens.Tokens, token)
m.saveLocked()
}
func (m *tokenManager) saveLocked() {
// Remove expired tokens.
now := m.timeNow().UnixNano()
for token, expiry := range m.tokens.Tokens {
if expiry < now {
delete(m.tokens.Tokens, token)
}
}
// If we have a limit on the number of tokens, remove the oldest ones.
if m.maxItems > 0 && len(m.tokens.Tokens) > m.maxItems {
// Sort the tokens by expiry time, oldest first.
type tokenExpiry struct {
token string
expiry int64
}
var tokens []tokenExpiry
for token, expiry := range m.tokens.Tokens {
tokens = append(tokens, tokenExpiry{token, expiry})
}
slices.SortFunc(tokens, func(a, b tokenExpiry) int {
return int(a.expiry - b.expiry)
})
// Remove the oldest tokens.
for _, token := range tokens[:len(tokens)-m.maxItems] {
delete(m.tokens.Tokens, token.token)
}
}
// Postpone saving until one second of inactivity.
if m.saveTimer == nil {
m.saveTimer = time.AfterFunc(time.Second, m.scheduledSave)
} else {
m.saveTimer.Reset(time.Second)
}
}
func (m *tokenManager) scheduledSave() {
m.mut.Lock()
defer m.mut.Unlock()
m.saveTimer = nil
bs, _ := proto.Marshal(m.tokens) // can't fail
_ = m.miscDB.PutBytes(m.key, bs) // can fail, but what are we going to do?
}
type tokenCookieManager struct {
cookieName string
shortID string
guiCfg config.GUIConfiguration
evLogger events.Logger
tokens *tokenManager
}
func newTokenCookieManager(shortID string, guiCfg config.GUIConfiguration, evLogger events.Logger, miscDB *db.Typed) *tokenCookieManager {
return &tokenCookieManager{
cookieName: "sessionid-" + shortID,
shortID: shortID,
guiCfg: guiCfg,
evLogger: evLogger,
tokens: newTokenManager("sessions", miscDB, maxSessionLifetime, maxActiveSessions),
}
}
func (m *tokenCookieManager) createSession(username string, persistent bool, w http.ResponseWriter, r *http.Request) {
sessionid := m.tokens.New()
// Best effort detection of whether the connection is HTTPS --
// either directly to us, or as used by the client towards a reverse
// proxy who sends us headers.
connectionIsHTTPS := r.TLS != nil ||
strings.ToLower(r.Header.Get("x-forwarded-proto")) == "https" ||
strings.Contains(strings.ToLower(r.Header.Get("forwarded")), "proto=https")
// If the connection is HTTPS, or *should* be HTTPS, set the Secure
// bit in cookies.
useSecureCookie := connectionIsHTTPS || m.guiCfg.UseTLS()
maxAge := 0
if persistent {
maxAge = int(maxSessionLifetime.Seconds())
}
http.SetCookie(w, &http.Cookie{
Name: m.cookieName,
Value: sessionid,
// In HTTP spec Max-Age <= 0 means delete immediately,
// but in http.Cookie MaxAge = 0 means unspecified (session) and MaxAge < 0 means delete immediately
MaxAge: maxAge,
Secure: useSecureCookie,
Path: "/",
})
emitLoginAttempt(true, username, r, m.evLogger)
}
func (m *tokenCookieManager) hasValidSession(r *http.Request) bool {
for _, cookie := range r.Cookies() {
// We iterate here since there may, historically, be multiple
// cookies with the same name but different path. Any "old" ones
// won't match an existing session and will be ignored, then
// later removed on logout or when timing out.
if cookie.Name == m.cookieName {
if m.tokens.Check(cookie.Value) {
return true
}
}
}
return false
}
func (m *tokenCookieManager) destroySession(w http.ResponseWriter, r *http.Request) {
for _, cookie := range r.Cookies() {
// We iterate here since there may, historically, be multiple
// cookies with the same name but different path. We drop them
// all.
if cookie.Name == m.cookieName {
m.tokens.Delete(cookie.Value)
// Create a cookie deletion command
http.SetCookie(w, &http.Cookie{
Name: m.cookieName,
Value: "",
MaxAge: -1,
Secure: cookie.Secure,
Path: cookie.Path,
})
}
}
}
Reference in New Issue View Git Blame Copy Permalink