英文:
go gorilla/sessions angularjs and path, session values not saved (find the bug/place the blame)
问题
好的,下面是翻译好的内容:
好,从哪里开始呢...
问题是当我将会话的Path设置为"/"时,会话没有被保存。
我设置Path是因为当我向不是会话保存路径的路径发送请求时,也就是调用了session.Save()函数时,会话值"user"是空的|nil|未设置。
所以我设置了Path: "/",但是会话没有被保存。当我检查Chromium时,我看到cookie已经设置了。我不知道问题出在哪里。是在gorilla/sessions中吗?还是在AngularJS中?Angular中的HTML5模式已关闭。
所以换句话说,这是因为/api/1.0/community是一个不同的路径,而不是/api/1.0/user,在这个路径上调用了sessions.Save(r,w)函数,所以我设置了Path: "/"。但是当Path是"/"时,会话值"user"没有被保存。
main.go
var (
sessionStore *sessions.CookieStore
sessionAuthKey []byte = make([]byte, 64)
sessionCryptKey []byte = make([]byte, 32)
router *mux.Router = mux.NewRouter()
)
func init() {
// 生成会话密钥
sessionAuthKey = securecookie.GenerateRandomKey(64)
sessionCryptKey = securecookie.GenerateRandomKey(32)
// 创建会话
sessionStore = sessions.NewCookieStore(sessionAuthKey, sessionCryptKey)
sessionStore.Options = &sessions.Options{
Domain: ".mango.dev",
Path: "/",
MaxAge: 0,
}
}
func main() {
api := router.PathPrefix("/api/1.0").Subrouter()
api.HandleFunc("/user/register", UserRegisterHandler).Methods("POST")
api.HandleFunc("/user/authenticate", UserAuthenticateHandler).Methods("POST")
api.HandleFunc("/user/endsession", UserLogoutHandler).Methods("POST")
api.HandleFunc("/user/profile", UserProfileHandler).Methods("GET")
api.HandleFunc("/user/profile", UserUpdateProfileHandler).Methods("POST")
api.HandleFunc("/user/reset_request", UserResetRequestHandler).Methods("POST")
api.HandleFunc("/user/reset_password", UserResetPasswordHandler).Methods("POST")
api.HandleFunc("/user/loginstatus", UserLoginStatusHandler).Methods("GET")
api.HandleFunc("/forums/directory", ForumsDirectoryHandler).Methods("GET")
api.HandleFunc("/community/list", CommunityListHandler).Methods("GET")
api.HandleFunc("/community/show", CommunityShowHandler).Methods("GET")
api.HandleFunc("/community/create", CommunityCreateHandler).Methods("POST")
api.HandleFunc("/community/edit", CommunityEditHandler).Methods("GET")
static := router.PathPrefix("/").Subrouter()
static.Methods("GET").Handler(http.FileServer(http.Dir("webapp/public")))
go func() {
if err := http.ListenAndServe(":8080", Log(router)); err != nil {
log.Fatal(err)
}
}()
if err := http.ListenAndServeTLS(":8443", "ssl/mango.dev.crt", "ssl/mango.dev.pem", Log(router)); err != nil {
log.Fatal(err)
}
}
handlers.go
func UserAuthenticateHandler(w http.ResponseWriter, r *http.Request) {
// ...
if valid {
tu.Name = user.UserProfile.Name
data["user"] = tu
data["redirect"] = "/user/profile"
user.Login(r.UserAgent(), r.RemoteAddr)
session, _ := sessionStore.Get(r, "p")
session.Values["user"] = user.Id.Hex()
if tc.Rememberme {
session.Options = &sessions.Options{
Domain: ".mango.dev",
Path: "/",
MaxAge: 86400 * 30 * 12,
}
}
session.Save(r, w)
}
英文:
Ok where to start...
The problem is when I set the session's Path to "/" the session doesn't get saved.
And I set Path because when posting to a path that is not the path where the session gets saved, aka session.Save() is called the session value "user" is empty|nil|not set.
So I set Path: "/", but the session isn't saved. When checking Chromium I see that the cookie is set. I don't know where the problem is. Is it in gorilla/sessions? Is it in AngularJS? HTML5 mode is off in angular.
So to rephrase, this happens because /api/1.0/community is a different path than /api/1.0/user where the sessions.Save(r,w) function is called and that's why I set Path: "/", . But when Path is "/" the session value "user" isn't saved.
main.go
var (
sessionStore *sessions.CookieStore
sessionAuthKey []byte = make([]byte, 64)
sessionCryptKey []byte = make([]byte, 32)
router *mux.Router = mux.NewRouter()
)
func init() {
// Generate Session Secret
sessionAuthKey = securecookie.GenerateRandomKey(64)
sessionCryptKey = securecookie.GenerateRandomKey(32)
// Create Session
sessionStore = sessions.NewCookieStore(sessionAuthKey, sessionCryptKey)
sessionStore.Options = &sessions.Options{
Domain: ".mango.dev",
Path: "/",
MaxAge: 0,
}
}
func main() {
api := router.PathPrefix("/api/1.0").Subrouter()
api.HandleFunc("/user/register", UserRegisterHandler).Methods("POST")
api.HandleFunc("/user/authenticate", UserAuthenticateHandler).Methods("POST")
api.HandleFunc("/user/endsession", UserLogoutHandler).Methods("POST")
api.HandleFunc("/user/profile", UserProfileHandler).Methods("GET")
api.HandleFunc("/user/profile", UserUpdateProfileHandler).Methods("POST")
api.HandleFunc("/user/reset_request", UserResetRequestHandler).Methods("POST")
api.HandleFunc("/user/reset_password", UserResetPasswordHandler).Methods("POST")
api.HandleFunc("/user/loginstatus", UserLoginStatusHandler).Methods("GET")
api.HandleFunc("/forums/directory", ForumsDirectoryHandler).Methods("GET")
api.HandleFunc("/community/list", CommunityListHandler).Methods("GET")
api.HandleFunc("/community/show", CommunityShowHandler).Methods("GET")
api.HandleFunc("/community/create", CommunityCreateHandler).Methods("POST")
api.HandleFunc("/community/edit", CommunityEditHandler).Methods("GET")
static := router.PathPrefix("/").Subrouter()
static.Methods("GET").Handler(http.FileServer(http.Dir("webapp/public")))
go func() {
if err := http.ListenAndServe(":8080", Log(router)); err != nil {
log.Fatal(err)
}
}()
if err := http.ListenAndServeTLS(":8443", "ssl/mango.dev.crt", "ssl/mango.dev.pem", Log(router)); err != nil {
log.Fatal(err)
}
}
handlers.go
func UserAuthenticateHandler(w http.ResponseWriter, r *http.Request) {
// ...
if valid {
tu.Name = user.UserProfile.Name
data["user"] = tu
data["redirect"] = "/user/profile"
user.Login(r.UserAgent(), r.RemoteAddr)
session, _ := sessionStore.Get(r, "p")
session.Values["user"] = user.Id.Hex()
if tc.Rememberme {
session.Options = &sessions.Options{
Domain: ".mango.dev",
Path: "/",
MaxAge: 86400 * 30 * 12,
}
}
session.Save(r, w)
}
答案1
得分: 0
问题是 dundundun 我之前存储了旧的 cookie,路径为 "/api/1.0/user",显然这导致了问题,因为我想象长或深的路径优先于较短的根路径,这在回顾时是完全有道理的。
英文:
The problem was dundundun I had old cookies stored from before the change that had the Path "/api/1.0/user" and apparently this caused a problem since, I imagine, the longer or deeper path has priority over the shorter, root path, which makes perfect sense in retrospect.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论