go gorilla/sessions angularjs and path, session values not saved (find the bug/place the blame)

huangapple
go评论76阅读模式
英文:

go gorilla/sessions angularjs and path, session values not saved (find the bug/place the blame)

问题

好的,下面是翻译好的内容:

好,从哪里开始呢...

问题是当我将会话的Path设置为"/"时,会话没有被保存。

我设置Path是因为当我向不是会话保存路径的路径发送请求时,也就是调用了session.Save()函数时,会话值"user"是空的|nil|未设置。
所以我设置了Path: "/",但是会话没有被保存。当我检查Chromium时,我看到cookie已经设置了。我不知道问题出在哪里。是在gorilla/sessions中吗?还是在AngularJS中?Angular中的HTML5模式已关闭。

所以换句话说,这是因为/api/1.0/community是一个不同的路径,而不是/api/1.0/user,在这个路径上调用了sessions.Save(r,w)函数,所以我设置了Path: "/"。但是当Path"/"时,会话值"user"没有被保存。

main.go

var (
    sessionStore    *sessions.CookieStore
    sessionAuthKey  []byte      = make([]byte, 64)
    sessionCryptKey []byte      = make([]byte, 32)
    router          *mux.Router = mux.NewRouter()
)

func init() {
    // 生成会话密钥
    sessionAuthKey = securecookie.GenerateRandomKey(64)
    sessionCryptKey = securecookie.GenerateRandomKey(32)

    // 创建会话
    sessionStore = sessions.NewCookieStore(sessionAuthKey, sessionCryptKey)
    sessionStore.Options = &sessions.Options{
        Domain: ".mango.dev",
        Path:   "/",
        MaxAge: 0,
    }
}

func main() {
    api := router.PathPrefix("/api/1.0").Subrouter()
    api.HandleFunc("/user/register", UserRegisterHandler).Methods("POST")
    api.HandleFunc("/user/authenticate", UserAuthenticateHandler).Methods("POST")
    api.HandleFunc("/user/endsession", UserLogoutHandler).Methods("POST")
    api.HandleFunc("/user/profile", UserProfileHandler).Methods("GET")
    api.HandleFunc("/user/profile", UserUpdateProfileHandler).Methods("POST")
    api.HandleFunc("/user/reset_request", UserResetRequestHandler).Methods("POST")
    api.HandleFunc("/user/reset_password", UserResetPasswordHandler).Methods("POST")
    api.HandleFunc("/user/loginstatus", UserLoginStatusHandler).Methods("GET")
    api.HandleFunc("/forums/directory", ForumsDirectoryHandler).Methods("GET")
    api.HandleFunc("/community/list", CommunityListHandler).Methods("GET")
    api.HandleFunc("/community/show", CommunityShowHandler).Methods("GET")
    api.HandleFunc("/community/create", CommunityCreateHandler).Methods("POST")
    api.HandleFunc("/community/edit", CommunityEditHandler).Methods("GET")

    static := router.PathPrefix("/").Subrouter()
    static.Methods("GET").Handler(http.FileServer(http.Dir("webapp/public")))

    go func() {
        if err := http.ListenAndServe(":8080", Log(router)); err != nil {
            log.Fatal(err)
        }
    }()

    if err := http.ListenAndServeTLS(":8443", "ssl/mango.dev.crt", "ssl/mango.dev.pem", Log(router)); err != nil {
        log.Fatal(err)
    }
}

handlers.go

func UserAuthenticateHandler(w http.ResponseWriter, r *http.Request) {
// ...
    if valid {
        tu.Name = user.UserProfile.Name
        data["user"] = tu
        data["redirect"] = "/user/profile"
        user.Login(r.UserAgent(), r.RemoteAddr)
        session, _ := sessionStore.Get(r, "p")
        session.Values["user"] = user.Id.Hex()
        if tc.Rememberme {
            session.Options = &sessions.Options{
                Domain: ".mango.dev",
                Path:   "/",
                MaxAge: 86400 * 30 * 12,
            }
        }
        session.Save(r, w)
}
英文:

Ok where to start...

The problem is when I set the session's Path to "/" the session doesn't get saved.

And I set Path because when posting to a path that is not the path where the session gets saved, aka session.Save() is called the session value "user" is empty|nil|not set.
So I set Path: "/", but the session isn't saved. When checking Chromium I see that the cookie is set. I don't know where the problem is. Is it in gorilla/sessions? Is it in AngularJS? HTML5 mode is off in angular.

So to rephrase, this happens because /api/1.0/community is a different path than /api/1.0/user where the sessions.Save(r,w) function is called and that's why I set Path: "/", . But when Path is "/" the session value "user" isn't saved.

main.go

var (
	sessionStore    *sessions.CookieStore
	sessionAuthKey  []byte      = make([]byte, 64)
	sessionCryptKey []byte      = make([]byte, 32)
	router          *mux.Router = mux.NewRouter()
)

func init() {
	// Generate Session Secret
	sessionAuthKey = securecookie.GenerateRandomKey(64)
	sessionCryptKey = securecookie.GenerateRandomKey(32)

	// Create Session
	sessionStore = sessions.NewCookieStore(sessionAuthKey, sessionCryptKey)
	sessionStore.Options = &sessions.Options{
		Domain: ".mango.dev",
		Path:   "/",
		MaxAge: 0,
	}
}

func main() {
	api := router.PathPrefix("/api/1.0").Subrouter()
	api.HandleFunc("/user/register", UserRegisterHandler).Methods("POST")
	api.HandleFunc("/user/authenticate", UserAuthenticateHandler).Methods("POST")
	api.HandleFunc("/user/endsession", UserLogoutHandler).Methods("POST")
	api.HandleFunc("/user/profile", UserProfileHandler).Methods("GET")
	api.HandleFunc("/user/profile", UserUpdateProfileHandler).Methods("POST")
	api.HandleFunc("/user/reset_request", UserResetRequestHandler).Methods("POST")
	api.HandleFunc("/user/reset_password", UserResetPasswordHandler).Methods("POST")
	api.HandleFunc("/user/loginstatus", UserLoginStatusHandler).Methods("GET")
	api.HandleFunc("/forums/directory", ForumsDirectoryHandler).Methods("GET")
	api.HandleFunc("/community/list", CommunityListHandler).Methods("GET")
	api.HandleFunc("/community/show", CommunityShowHandler).Methods("GET")
	api.HandleFunc("/community/create", CommunityCreateHandler).Methods("POST")
	api.HandleFunc("/community/edit", CommunityEditHandler).Methods("GET")

	static := router.PathPrefix("/").Subrouter()
	static.Methods("GET").Handler(http.FileServer(http.Dir("webapp/public")))

	go func() {
		if err := http.ListenAndServe(":8080", Log(router)); err != nil {
			log.Fatal(err)
		}
	}()

	if err := http.ListenAndServeTLS(":8443", "ssl/mango.dev.crt", "ssl/mango.dev.pem", Log(router)); err != nil {
		log.Fatal(err)
	}
}

handlers.go

func UserAuthenticateHandler(w http.ResponseWriter, r *http.Request) {
// ...
	if valid {
		tu.Name = user.UserProfile.Name
		data["user"] = tu
		data["redirect"] = "/user/profile"
		user.Login(r.UserAgent(), r.RemoteAddr)
		session, _ := sessionStore.Get(r, "p")
		session.Values["user"] = user.Id.Hex()
		if tc.Rememberme {
			session.Options = &sessions.Options{
				Domain: ".mango.dev",
				Path:   "/",
				MaxAge: 86400 * 30 * 12,
			}
		}
		session.Save(r, w)
}

答案1

得分: 0

问题是 dundundun 我之前存储了旧的 cookie,路径为 "/api/1.0/user",显然这导致了问题,因为我想象长或深的路径优先于较短的根路径,这在回顾时是完全有道理的。

英文:

The problem was dundundun I had old cookies stored from before the change that had the Path "/api/1.0/user" and apparently this caused a problem since, I imagine, the longer or deeper path has priority over the shorter, root path, which makes perfect sense in retrospect.

huangapple
  • 本文由 发表于 2014年1月19日 20:11:05
  • 转载请务必保留本文链接:https://go.coder-hub.com/21216580.html
  • angularjs
  • go
  • session
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定