diff --git a/cmd/neofs-node/config.go b/cmd/neofs-node/config.go index eae65314e..9090789e3 100644 --- a/cmd/neofs-node/config.go +++ b/cmd/neofs-node/config.go @@ -37,7 +37,6 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" trustcontroller "github.com/nspcc-dev/neofs-node/pkg/services/reputation/local/controller" truststorage "github.com/nspcc-dev/neofs-node/pkg/services/reputation/local/storage" - tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage/temporary" "github.com/nspcc-dev/neofs-node/pkg/services/util/response" "github.com/nspcc-dev/neofs-node/pkg/util" "github.com/nspcc-dev/neofs-node/pkg/util/logger" @@ -89,7 +88,7 @@ type cfg struct { cfgNetmap cfgNetmap - privateTokenStore *tokenStorage.TokenStore + privateTokenStore sessionStorage cfgNodeInfo cfgNodeInfo diff --git a/cmd/neofs-node/session.go b/cmd/neofs-node/session.go index 076bcf25a..c78f93d6d 100644 --- a/cmd/neofs-node/session.go +++ b/cmd/neofs-node/session.go @@ -1,16 +1,51 @@ package main import ( + "context" + "fmt" + "time" + + "github.com/nspcc-dev/neofs-api-go/v2/session" sessionGRPC "github.com/nspcc-dev/neofs-api-go/v2/session/grpc" + nodeconfig "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config/node" "github.com/nspcc-dev/neofs-node/pkg/morph/event" "github.com/nspcc-dev/neofs-node/pkg/morph/event/netmap" sessionTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/session/grpc" sessionSvc "github.com/nspcc-dev/neofs-node/pkg/services/session" + "github.com/nspcc-dev/neofs-node/pkg/services/session/storage" + "github.com/nspcc-dev/neofs-node/pkg/services/session/storage/persistent" "github.com/nspcc-dev/neofs-node/pkg/services/session/storage/temporary" + "github.com/nspcc-dev/neofs-sdk-go/owner" ) +type sessionStorage interface { + Create(ctx context.Context, body *session.CreateRequestBody) (*session.CreateResponseBody, error) + Get(ownerID *owner.ID, tokenID []byte) *storage.PrivateToken + RemoveOld(epoch uint64) + + Close() error +} + func initSessionService(c *cfg) { - c.privateTokenStore = temporary.NewTokenStore() + if persistentSessionPath := nodeconfig.PersistentSessions(c.appCfg).Path(); persistentSessionPath != "" { + persisessions, err := persistent.NewTokenStore(persistentSessionPath, + persistent.WithLogger(c.log), + persistent.WithTimeout(100*time.Millisecond), + persistent.WithEncryptionKey(&c.key.PrivateKey), + ) + if err != nil { + panic(fmt.Errorf("could not create persistent session token storage: %w", err)) + } + + c.privateTokenStore = persisessions + } else { + c.privateTokenStore = temporary.NewTokenStore() + } + + c.onShutdown(func() { + _ = c.privateTokenStore.Close() + }) + addNewEpochNotificationHandler(c, func(ev event.Event) { c.privateTokenStore.RemoveOld(ev.(netmap.NewEpoch).EpochNumber()) }) diff --git a/pkg/services/object/util/key.go b/pkg/services/object/util/key.go index f7a8d1880..a5e86db83 100644 --- a/pkg/services/object/util/key.go +++ b/pkg/services/object/util/key.go @@ -4,22 +4,35 @@ import ( "crypto/ecdsa" "github.com/nspcc-dev/neofs-node/pkg/core/netmap" - "github.com/nspcc-dev/neofs-node/pkg/services/session/storage/temporary" + "github.com/nspcc-dev/neofs-node/pkg/services/session/storage" apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" + "github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/session" ) +// SessionSource is an interface tha provides +// access to node's actual (not expired) session +// tokens. +type SessionSource interface { + // Get must return non-expired private token that + // corresponds with passed owner and tokenID. If + // token has not been created, has been expired + // of it is impossible to get information about the + // token Get must return nil. + Get(owner *owner.ID, tokenID []byte) *storage.PrivateToken +} + // KeyStorage represents private key storage of the local node. type KeyStorage struct { key *ecdsa.PrivateKey - tokenStore *temporary.TokenStore + tokenStore SessionSource networkState netmap.State } // NewKeyStorage creates, initializes and returns new KeyStorage instance. -func NewKeyStorage(localKey *ecdsa.PrivateKey, tokenStore *temporary.TokenStore, net netmap.State) *KeyStorage { +func NewKeyStorage(localKey *ecdsa.PrivateKey, tokenStore SessionSource, net netmap.State) *KeyStorage { return &KeyStorage{ key: localKey, tokenStore: tokenStore, diff --git a/pkg/services/session/storage/temporary/executor.go b/pkg/services/session/storage/temporary/executor.go index ec6752565..6ca5f17d3 100644 --- a/pkg/services/session/storage/temporary/executor.go +++ b/pkg/services/session/storage/temporary/executor.go @@ -40,3 +40,7 @@ func (s *TokenStore) Create(ctx context.Context, body *session.CreateRequestBody return res, nil } + +func (s *TokenStore) Close() error { + return nil +}