Store user session in browser (#219)

.gitignore

@@ -15,10 +15,6 @@ e2e/test-results
 e2e/playwright/.cache
 e2e/.env
 
-
-# session filesystem store path
-.tmp
-
 # Output of code generation tools
 third_party/OpenAPI/temporal
 

cmd/server/main.go

@@ -26,14 +26,11 @@ import (
 	"fmt"
 	"os"
 	"path"
-	"path/filepath"
 
-	"github.com/gorilla/securecookie"
-	"github.com/gorilla/sessions"
-	"github.com/temporalio/ui-server/v2/plugins/forwardheaders"
 	"github.com/temporalio/ui-server/v2/plugins/fs_config_provider"
 	"github.com/temporalio/ui-server/v2/server"
 	"github.com/temporalio/ui-server/v2/server/api"
+	"github.com/temporalio/ui-server/v2/server/headers"
 	"github.com/temporalio/ui-server/v2/server/server_options"
 	"github.com/temporalio/ui-server/v2/server/version"
 	"github.com/urfave/cli/v2"
@@ -99,27 +96,10 @@ func buildCLI() *cli.App {
 				opts := []server_options.ServerOption{
 					server_options.WithConfigProvider(cfgProvider),
 					server_options.WithAPIMiddleware([]api.Middleware{
-						forwardheaders.WithForwardHeaders(cfg.ForwardHeaders),
+						headers.WithForwardHeaders(cfg.ForwardHeaders),
 					}),
 				}
 
-				if cfg.Session.Filesystem.Path != "" {
-					fmt.Println("Using filesystem session store at: ", cfg.Session.Filesystem.Path)
-					if _, err := os.Stat(cfg.Session.Filesystem.Path); os.IsNotExist(err) {
-						fmt.Println("Creating session store directory: ", cfg.Session.Filesystem.Path)
-						os.Mkdir(cfg.Session.Filesystem.Path, 0755)
-					}
-
-					sessStore := sessions.NewFilesystemStore(cfg.Session.Filesystem.Path,
-						securecookie.GenerateRandomKey(32),
-						securecookie.GenerateRandomKey(32),
-					)
-					sessStore.MaxLength(64 * 1024)
-					opts = append(opts, server_options.WithSessionStore(sessStore))
-				} else {
-					fmt.Println("Using cookie session store")
-				}
-
 				s := server.NewServer(opts...)
 				defer s.Stop()
 				err = s.Start()
@@ -133,9 +113,3 @@ func buildCLI() *cli.App {
 	}
 	return app
 }
-
-func getDefaultFilesystemSessionPath() string {
-	dir, _ := os.Getwd()
-	sessDir := filepath.Join(dir, ".tmp")
-	return sessDir
-}

docker/config_template.yaml

@@ -41,10 +41,6 @@ auth:
 codec:
   endpoint: {{ default .Env.TEMPORAL_CODEC_ENDPOINT "" }}
   passAccessToken: {{ default .Env.TEMPORAL_CODEC_PASS_ACCESS_TOKEN "false" }}
-session:
-  filesystem:
-    # if non-empty, switches to filesystem store instead of cookie store. Increases size limit from 4K to 64K
-    path: {{ default .Env.TEMPORAL_SESSION_STORE_PATH "" }}
 forwardHeaders: # comma separated list of headers to pass from HTTP API requests to Temporal gRPC backend
 {{ if .Env.TEMPORAL_FORWARD_HEADERS }}
 {{ range $seed := (split .Env.TEMPORAL_FORWARD_HEADERS ",") }}

go.mod

@@ -9,9 +9,7 @@ require (
 	github.com/gogo/protobuf v1.3.2
 	github.com/golang/protobuf v1.5.2
 	github.com/gorilla/securecookie v1.1.1
-	github.com/gorilla/sessions v1.2.1
 	github.com/grpc-ecosystem/grpc-gateway v1.16.0
-	github.com/labstack/echo-contrib v0.12.0
 	github.com/labstack/echo/v4 v4.6.3
 	github.com/stretchr/testify v1.8.0
 	github.com/urfave/cli/v2 v2.3.0
@@ -28,7 +26,6 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/google/go-cmp v0.5.7 // indirect
-	github.com/gorilla/context v1.1.1 // indirect
 	github.com/labstack/gommon v0.3.1 // indirect
 	github.com/mattn/go-colorable v0.1.12 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect

go.sum

@@ -131,12 +131,8 @@ github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm4
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
-github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
-github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
-github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
-github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
@@ -149,8 +145,6 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/labstack/echo-contrib v0.12.0 h1:NPr1ez+XUa5s/4LujEon+32Bxg5DO6EKSW/va06pmLc=
-github.com/labstack/echo-contrib v0.12.0/go.mod h1:kR62TbwsBgmpV2HVab5iQRsQtLuhPyGqCBee88XRc4M=
 github.com/labstack/echo/v4 v4.6.3 h1:VhPuIZYxsbPmo4m9KAkMU/el2442eB7EBFFhNTTT9ac=
 github.com/labstack/echo/v4 v4.6.3/go.mod h1:Hk5OiHj0kDqmFq7aHe7eDqI7CUhuCrfpupQtLGGLm7A=
 github.com/labstack/gommon v0.3.1 h1:OomWaJXm7xR6L1HmEtGyQf26TEn7V6X88mktX9kee9o=

server/api/handler.go

@@ -28,7 +28,6 @@ import (
 
 	"github.com/gogo/gateway"
 	"github.com/grpc-ecosystem/grpc-gateway/runtime"
-	"github.com/labstack/echo-contrib/session"
 	"github.com/labstack/echo/v4"
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
@@ -46,8 +45,8 @@ type Auth struct {
 }
 
 type CodecResponse struct {
-	Endpoint    string
-	AccessToken string
+	Endpoint        string
+	PassAccessToken bool
 }
 
 type SettingsResponse struct {
@@ -105,20 +104,6 @@ func GetSettings(cfgProvier *config.ConfigProviderWithRefresh) func(echo.Context
 			}
 		}
 
-		codec := &CodecResponse{
-			Endpoint: cfg.Codec.Endpoint,
-		}
-		if cfg.Codec.PassAccessToken {
-			sess, _ := session.Get(auth.AuthCookie, c)
-			if sess != nil {
-				token := sess.Values[auth.AccessTokenKey]
-				if token != nil {
-					codec.AccessToken = token.(string)
-				}
-
-			}
-		}
-
 		settings := &SettingsResponse{
 			Auth: &Auth{
 				Enabled: cfg.Auth.Enabled,
@@ -128,9 +113,12 @@ func GetSettings(cfgProvier *config.ConfigProviderWithRefresh) func(echo.Context
 			ShowTemporalSystemNamespace: cfg.ShowTemporalSystemNamespace,
 			FeedbackURL:                 cfg.FeedbackURL,
 			NotifyOnNewVersion:          cfg.NotifyOnNewVersion,
-			Codec:                       codec,
-			Version:                     version.UIVersion,
-			DisableWriteActions:         cfg.DisableWriteActions,
+			Codec: &CodecResponse{
+				Endpoint:        cfg.Codec.Endpoint,
+				PassAccessToken: cfg.Codec.PassAccessToken,
+			},
+			Version:             version.UIVersion,
+			DisableWriteActions: cfg.DisableWriteActions,
 		}
 
 		return c.JSON(http.StatusOK, settings)
@@ -146,7 +134,6 @@ func getTemporalClientMux(c echo.Context, temporalConn *grpc.ClientConn, apiMidd
 	tMux := runtime.NewServeMux(
 		append(muxOpts,
 			withMarshaler(),
-			auth.WithAuth(c),
 			version.WithVersionHeader(c),
 			// This is necessary to get error details properly
 			// marshalled in unary requests.