英文:
Golang Echo - middleware still executing next route when not returning next
问题
我正在尝试使用一个身份验证中间件,该中间件检查用户是否已连接并具有会话,然后再执行路由,但似乎我的中间件没有停止执行路由并执行下一个路由,即使我没有调用next()。
这是我的代码:
func checkUserAuth(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
if err := next(c); err != nil {
c.Error(err)
}
currSess, _ := session.Get("session", c)
if userId, ok := currSess.Values["user_id"].(string); ok {
fmt.Println("User is currently connected with id", userId);
return next(c)
}
// 即使中间件到达这里,它仍然执行下一个路由,为什么?
return echo.ErrUnauthorized
}
}
func main() {
e := echo.New()
e.Use(checkUserAuth)
e.Use(session.Middleware(store))
e.GET("/", func(c echo.Context) error {
sess, _ := session.Get("session", c)
fmt.Println("got session" , sess.Values["user_id"], "id", sess.ID)
return c.String(http.StatusOK, "Hello")
})
e.GET("/session", func(c echo.Context) error {
sess, _ := session.Get("session", c)
//test
sess.Values["user_id"] = rand.Intn(50000)
sess.Save(c.Request(), c.Response())
return c.String(http.StatusOK, "session saved")
})
}
当我向/
路由发送GET请求时,中间件被正确执行并到达return echo.ErrUnauthorized
语句,但是/
仍然被执行,我没有收到任何401状态码。
谢谢。
英文:
I am trying to use an authentication middleware that checks if the user is currently connected and have a session before executing a route, but it seems like my middleware is not stopping the execution of the route and executing the next one even I am not calling next().
This is my code :
func checkUserAuth(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
if err := next(c); err != nil {
c.Error(err)
}
currSess, _ := session.Get("session", c)
if userId, ok := currSess.Values["user_id"].(string); ok {
fmt.Println("User is currently connected with id", userId);
return next(c)
}
// Even if middleware reaches here, it still execute the next route, why?
return echo.ErrUnauthorized
}
}
func main() {
e := echo.New()
e.Use(checkUserAuth)
e.Use(session.Middleware(store))
e.GET("/", func(c echo.Context) error {
sess, _ := session.Get("session", c)
fmt.Println("got session" , sess.Values["user_id"], "id", sess.ID)
return c.String(http.StatusOK, "Hello")
})
e.GET("/session", func(c echo.Context) error {
sess, _ := session.Get("session", c)
//test
sess.Values["user_id"] = rand.Intn(50000)
sess.Save(c.Request(), c.Response())
return c.String(http.StatusOK, "session saved")
})
When I send a GET request to the /
route, the middleware is executed correctly and reaches the return echo.ErrUnauthorized
statement, but then the /
still gets executed regardless and I don't get any 401 status code.
Thanks
答案1
得分: 1
在你的 checkUserAuth
中移除以下代码块:
if err := next(c); err != nil {
c.Error(err)
}
在你的中间件中,首先触发的是 next()
函数。
英文:
on your checkUserAuth
remove the
if err := next(c); err != nil {
c.Error(err)
}
next() is triggered first in your middleware.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论