Merge pull request #4324 from flycash/fix4321

Expose error from SessionRegenerateID
2024-11-23 20:00:54 +00:00 · 2020-11-26 18:06:40 +08:00 · 2020-11-26 18:06:40 +08:00 · 3d93903f9e
commit 3d93903f9e
parent cbbb6bfb08 2781f88173
2 changed files with 21 additions and 10 deletions
--- a/controller.go
+++ b/controller.go
@ -255,7 +255,7 @@ func (c *Controller) RenderString() (string, error) {
 // RenderBytes returns the bytes of rendered template string. Do not send out response.
 func (c *Controller) RenderBytes() ([]byte, error) {
 	buf, err := c.renderTemplate()
-	//if the controller has set layout, then first get the tplName's content set the content to the layout
+	// if the controller has set layout, then first get the tplName's content set the content to the layout
 	if err == nil && c.Layout != "" {
 		c.Data["LayoutContent"] = template.HTML(buf.String())
@ -642,12 +642,13 @@ func (c *Controller) DelSession(name interface{}) {
 // SessionRegenerateID regenerates session id for this session.
 // the session data have no changes.
-func (c *Controller) SessionRegenerateID() {
+func (c *Controller) SessionRegenerateID() (err error) {
 	if c.CruSession != nil {
 		c.CruSession.SessionRelease(c.Ctx.ResponseWriter)
 	}
-	c.CruSession = GlobalSessions.SessionRegenerateID(c.Ctx.ResponseWriter, c.Ctx.Request)
+	c.CruSession, err = GlobalSessions.SessionRegenerateID(c.Ctx.ResponseWriter, c.Ctx.Request)
 	c.Ctx.Input.CruSession = c.CruSession
 	return
 }
 // DestroySession cleans session data and session cookie.
--- a/session/session.go
+++ b/session/session.go
@ -295,15 +295,19 @@ func (manager *Manager) GC() {
 }
 // SessionRegenerateID Regenerate a session id for this SessionStore who's id is saving in http request.
-func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (session Store) {
+func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Request) (Store, error) {
 	sid, err := manager.sessionID()
 	if err != nil {
-		return
+		return nil, err
 	}
 	var session Store
 	cookie, err := r.Cookie(manager.config.CookieName)
 	if err != nil || cookie.Value == "" {
-		//delete old cookie
+		// delete old cookie
-		session, _ = manager.provider.SessionRead(sid)
+		session, err = manager.provider.SessionRead(sid)
 		if err != nil {
 			return nil, err
 		}
 		cookie = &http.Cookie{Name: manager.config.CookieName,
 			Value:    url.QueryEscape(sid),
 			Path:     "/",
@ -313,8 +317,14 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
 			SameSite: manager.config.CookieSameSite,
 		}
 	} else {
-		oldsid, _ := url.QueryUnescape(cookie.Value)
+		oldsid, err := url.QueryUnescape(cookie.Value)
-		session, _ = manager.provider.SessionRegenerate(oldsid, sid)
+		if err != nil {
 			return nil, err
 		}
 		session, err = manager.provider.SessionRegenerate(oldsid, sid)
 		if err != nil {
 			return nil, err
 		}
 		cookie.Value = url.QueryEscape(sid)
 		cookie.HttpOnly = true
 		cookie.Path = "/"
@ -333,7 +343,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
 		w.Header().Set(manager.config.SessionNameInHTTPHeader, sid)
 	}
-	return
+	return session, nil
 }
 // GetActiveSession Get all active sessions count number.