diff --git a/controller.go b/controller.go index 0e8853b3..5ebc4d9e 100644 --- a/controller.go +++ b/controller.go @@ -255,7 +255,7 @@ func (c *Controller) RenderString() (string, error) { // RenderBytes returns the bytes of rendered template string. Do not send out response. func (c *Controller) RenderBytes() ([]byte, error) { buf, err := c.renderTemplate() - //if the controller has set layout, then first get the tplName's content set the content to the layout + // if the controller has set layout, then first get the tplName's content set the content to the layout if err == nil && c.Layout != "" { c.Data["LayoutContent"] = template.HTML(buf.String()) @@ -642,12 +642,13 @@ func (c *Controller) DelSession(name interface{}) { // SessionRegenerateID regenerates session id for this session. // the session data have no changes. -func (c *Controller) SessionRegenerateID() { +func (c *Controller) SessionRegenerateID() (err error) { if c.CruSession != nil { c.CruSession.SessionRelease(c.Ctx.ResponseWriter) } - c.CruSession = GlobalSessions.SessionRegenerateID(c.Ctx.ResponseWriter, c.Ctx.Request) + c.CruSession, err = GlobalSessions.SessionRegenerateID(c.Ctx.ResponseWriter, c.Ctx.Request) c.Ctx.Input.CruSession = c.CruSession + return } // DestroySession cleans session data and session cookie. diff --git a/session/session.go b/session/session.go index 4532a959..932e0915 100644 --- a/session/session.go +++ b/session/session.go @@ -295,15 +295,19 @@ func (manager *Manager) GC() { } // SessionRegenerateID Regenerate a session id for this SessionStore who's id is saving in http request. -func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (session Store) { +func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (Store, error) { sid, err := manager.sessionID() if err != nil { - return + return nil, err } + var session Store cookie, err := r.Cookie(manager.config.CookieName) if err != nil || cookie.Value == "" { - //delete old cookie - session, _ = manager.provider.SessionRead(sid) + // delete old cookie + session, err = manager.provider.SessionRead(sid) + if err != nil { + return nil, err + } cookie = &http.Cookie{Name: manager.config.CookieName, Value: url.QueryEscape(sid), Path: "/", @@ -313,8 +317,14 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque SameSite: manager.config.CookieSameSite, } } else { - oldsid, _ := url.QueryUnescape(cookie.Value) - session, _ = manager.provider.SessionRegenerate(oldsid, sid) + oldsid, err := url.QueryUnescape(cookie.Value) + if err != nil { + return nil, err + } + session, err = manager.provider.SessionRegenerate(oldsid, sid) + if err != nil { + return nil, err + } cookie.Value = url.QueryEscape(sid) cookie.HttpOnly = true cookie.Path = "/" @@ -333,7 +343,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque w.Header().Set(manager.config.SessionNameInHTTPHeader, sid) } - return + return session, nil } // GetActiveSession Get all active sessions count number.