Golang Echo – 中间件在不返回 next 时仍然执行下一个路由

huangapple go评论81阅读模式
英文:

Golang Echo - middleware still executing next route when not returning next

问题

我正在尝试使用一个身份验证中间件,该中间件检查用户是否已连接并具有会话,然后再执行路由,但似乎我的中间件没有停止执行路由并执行下一个路由,即使我没有调用next()。

这是我的代码:


func checkUserAuth(next echo.HandlerFunc) echo.HandlerFunc {
	return func(c echo.Context) error {
		if err := next(c); err != nil {
			c.Error(err)
		}
		
		currSess, _ := session.Get("session", c)
		
		if userId, ok := currSess.Values["user_id"].(string); ok {
			fmt.Println("User is currently connected with id", userId);
			return next(c)
			
		} 
		// 即使中间件到达这里,它仍然执行下一个路由,为什么?
		return echo.ErrUnauthorized
	}
}

func main() {
	e := echo.New()

	e.Use(checkUserAuth)
	e.Use(session.Middleware(store))

	e.GET("/", func(c echo.Context) error {
		sess, _ := session.Get("session", c)
		
		fmt.Println("got session" , sess.Values["user_id"], "id", sess.ID)

		return c.String(http.StatusOK, "Hello")
	})

   e.GET("/session", func(c echo.Context) error {
		sess, _ := session.Get("session", c)
        //test
	    sess.Values["user_id"] = rand.Intn(50000)
	
	    sess.Save(c.Request(), c.Response())

		return c.String(http.StatusOK, "session saved")
	})
}

当我向/路由发送GET请求时,中间件被正确执行并到达return echo.ErrUnauthorized语句,但是/仍然被执行,我没有收到任何401状态码。

谢谢。

英文:

I am trying to use an authentication middleware that checks if the user is currently connected and have a session before executing a route, but it seems like my middleware is not stopping the execution of the route and executing the next one even I am not calling next().

This is my code :


func checkUserAuth(next echo.HandlerFunc) echo.HandlerFunc {
	return func(c echo.Context) error {
		if err := next(c); err != nil {
			c.Error(err)
		}
		
		currSess, _ := session.Get("session", c)
		
		if userId, ok := currSess.Values["user_id"].(string); ok {
			fmt.Println("User is currently connected with id", userId);
			return next(c)
			
		} 
		// Even if middleware reaches here, it still execute the next route, why?
		return echo.ErrUnauthorized
	}
}

func main() {
	e := echo.New()

	e.Use(checkUserAuth)
	e.Use(session.Middleware(store))

	e.GET("/", func(c echo.Context) error {
		sess, _ := session.Get("session", c)
		
		fmt.Println("got session" , sess.Values["user_id"], "id", sess.ID)

		return c.String(http.StatusOK, "Hello")
	})

   e.GET("/session", func(c echo.Context) error {
		sess, _ := session.Get("session", c)
        //test
	    sess.Values["user_id"] = rand.Intn(50000)
	
	    sess.Save(c.Request(), c.Response())

		return c.String(http.StatusOK, "session saved")
	})

When I send a GET request to the / route, the middleware is executed correctly and reaches the return echo.ErrUnauthorized statement, but then the / still gets executed regardless and I don't get any 401 status code.

Thanks

答案1

得分: 1

在你的 checkUserAuth 中移除以下代码块:

if err := next(c); err != nil {
    c.Error(err)
}

在你的中间件中,首先触发的是 next() 函数。

英文:

on your checkUserAuth remove the

if err := next(c); err != nil {
c.Error(err)
}

next() is triggered first in your middleware.

huangapple
  • 本文由 发表于 2022年1月13日 23:29:37
  • 转载请务必保留本文链接:https://go.coder-hub.com/70699086.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定