英文:
Gorilla Sessions - How to Automatically Update Cookie Expiration on Request?
问题
我知道许多其他语言和Web框架会在每次通过后端访问会话时(或类似操作)自动更新cookie的过期时间为会话超时时间。我不认为Gorilla提供这种功能。
我考虑编写一些请求中间件,如果检测到有效会话,将延长cookie的生存时间,但我想知道是否有更好的方法。
关于更新cookie过期时间的最佳实践,特别是与Gorilla/Go相关的,有哪些呢?
英文:
I know many other languages and web frameworks will automatically update a cookie's expiration time to the session timeout every time a session is accessed via the backend (or some action like that). I don't believe Gorilla provides this utility.
I am consider just writing some request middleware that, if it detects a valid session, will extend the cookie lifetime but I am wondering if there is a better method of doing this.
What are the best practices for updating cookie expiration, especially as they pertain to Gorilla/Go?
答案1
得分: 1
你可以简单地实现自己的Store
,建立在现有会话存储(如CookieStore
)之上,但在Save
调用期间使用某些规则自动更新过期时间。
英文:
You could simply implement your own Store
that builds on top of an existing session store like the CookieStore
, but uses some rule to automatically update the expiration during a Save
call.
答案2
得分: 1
如果您设置了cookie的Max-Age参数,就不需要再设置Expiry,除非您需要支持不理解Max-Age的旧浏览器。
只使用Max-Age意味着您不需要在每个请求中更新它。
设置规范:https://www.rfc-editor.org/rfc/rfc6265#section-4.1.2
英文:
If you set the Max-Age parameter of the cookie, you don't need to set Expiry as well, unless you need to support old browsers that don't understand Max-Age.
Using only Max-Age means you don't need to update it on every request.
Set the spec: https://www.rfc-editor.org/rfc/rfc6265#section-4.1.2
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论