英文:
Logout link screwed up when using cookies in Go
问题
作为一个刚开始做一些网页开发的后端开发者,我在处理cookie和链接方面遇到了一些困难。我正在使用Go语言实现基本的身份验证系统。在登录时,服务器端会设置一个cookie,然后在注销时将其MaxAge设置为-1(同样在服务器端进行)。
所有的事情都在本地运行,所有的cookie都设置为根路径/。
登录:
cookie := http.Cookie{
Name: name,
Value: value,
Domain: "localhost",
Path: "/",
}
注销:
cookie := http.Cookie{
Name: name,
Value: value,
Domain: "localhost",
Path: "/",
MaxAge: -1,
}
此外,注销处理程序在完成后会重定向到根路径。
以下是流程:
- 登录成功
- 注销成功
- 再次登录成功
- 注销将我发送到根路径而不是注销页面(注销使用的是一个普通链接)。它不执行任何操作(不清除会话和其他内容),所以我仍然处于登录状态。
你有任何想法为什么会发生这种情况吗?
英文:
As a backend developer who just started doing some web, I'm struggling with cookies and links. I'm implementing the basic auth system in Go. On sign-in, a cookie is set on the server-side and then its MaxAge is set to -1 on logout (again on server-side).
The things are running locally and all the cookies are set to root Path /
Login:
cookie := http.Cookie{
Name: name,
Value: value,
Domain: "localhost",
Path: "/"
}
Logout:
cookie := http.Cookie{
Name: name,
Value: value,
Domain: "localhost",
Path: "/",
MaxAge: -1,
}
Also, the logout handler redirects to root when it's done.
Here is the flow:
- Log in successful
- Log out successful
- Login in again successful
- Logout sends me to a root instead of a logout page (a plain link is used for logout). It does not do anything (does not clear session and everything else) so I'm still logged in
Do you have any idea why this happens?
答案1
得分: 0
抱歉,信不信由你,那是个打字错误。我错误地使用了301重定向(而不是307)。所以第一次注销路由会以301状态重定向到根目录,每次点击注销链接后会自动重定向到根目录(永久移动)。
英文:
Sorry, believe it or not, it was a typo. I mistakenly used 301 redirections (instead pf 307). So first time logout route redirected to root with 301 status, each next click to Logout link would be automatically directed to root (Moved Pemanently). –
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论