1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-26 02:51:28 +00:00

session: #620 make the session never read empty

This commit is contained in:
astaxie 2014-05-27 15:45:35 +08:00
parent c3a23b28ee
commit d2eece9a39
2 changed files with 9 additions and 5 deletions

View File

@ -20,6 +20,8 @@ import (
"io" "io"
"strconv" "strconv"
"time" "time"
"github.com/astaxie/beego/utils"
) )
func init() { func init() {
@ -60,8 +62,8 @@ func DecodeGob(encoded []byte) (map[interface{}]interface{}, error) {
// generateRandomKey creates a random key with the given strength. // generateRandomKey creates a random key with the given strength.
func generateRandomKey(strength int) []byte { func generateRandomKey(strength int) []byte {
k := make([]byte, strength) k := make([]byte, strength)
if _, err := io.ReadFull(rand.Reader, k); err != nil { if n, err := io.ReadFull(rand.Reader, k); n != strength || err != nil {
return nil return utils.RandomCreateBytes(strength)
} }
return k return k
} }

View File

@ -18,6 +18,8 @@ import (
"net/http" "net/http"
"net/url" "net/url"
"time" "time"
"github.com/astaxie/beego/utils"
) )
// SessionStore contains all data for one session process with specific id. // SessionStore contains all data for one session process with specific id.
@ -237,9 +239,9 @@ func (manager *Manager) SetSecure(secure bool) {
// generate session id with rand string, unix nano time, remote addr by hash function. // generate session id with rand string, unix nano time, remote addr by hash function.
func (manager *Manager) sessionId(r *http.Request) (sid string) { func (manager *Manager) sessionId(r *http.Request) (sid string) {
bs := make([]byte, 24) bs := make([]byte, 32)
if _, err := io.ReadFull(rand.Reader, bs); err != nil { if n, err := io.ReadFull(rand.Reader, bs); n != 32 || err != nil {
return "" bs = utils.RandomCreateBytes(32)
} }
sig := fmt.Sprintf("%s%d%s", r.RemoteAddr, time.Now().UnixNano(), bs) sig := fmt.Sprintf("%s%d%s", r.RemoteAddr, time.Now().UnixNano(), bs)
if manager.config.SessionIDHashFunc == "md5" { if manager.config.SessionIDHashFunc == "md5" {