mirror of
https://github.com/astaxie/beego.git
synced 2024-12-23 07:10:49 +00:00
Merge pull request #1539 from ysqi/develop
change get sessionID logic from cookie
This commit is contained in:
commit
ecc6bcba3f
@ -53,3 +53,44 @@ func TestCookie(t *testing.T) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestDestorySessionCookie(t *testing.T) {
|
||||
config := `{"cookieName":"gosessionid","enableSetCookie":true,"gclifetime":3600,"ProviderConfig":"{\"cookieName\":\"gosessionid\",\"securityKey\":\"beegocookiehashkey\"}"}`
|
||||
globalSessions, err := NewManager("cookie", config)
|
||||
if err != nil {
|
||||
t.Fatal("init cookie session err", err)
|
||||
}
|
||||
|
||||
r, _ := http.NewRequest("GET", "/", nil)
|
||||
w := httptest.NewRecorder()
|
||||
session, err := globalSessions.SessionStart(w, r)
|
||||
if err != nil {
|
||||
t.Fatal("session start err,", err)
|
||||
}
|
||||
|
||||
// request again ,will get same sesssion id .
|
||||
r1, _ := http.NewRequest("GET", "/", nil)
|
||||
r1.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
|
||||
w = httptest.NewRecorder()
|
||||
newSession, err := globalSessions.SessionStart(w, r1)
|
||||
if err != nil {
|
||||
t.Fatal("session start err,", err)
|
||||
}
|
||||
if newSession.SessionID() != session.SessionID() {
|
||||
t.Fatal("get cookie session id is not the same again.")
|
||||
}
|
||||
|
||||
// After destory session , will get a new session id .
|
||||
globalSessions.SessionDestroy(w, r1)
|
||||
r2, _ := http.NewRequest("GET", "/", nil)
|
||||
r2.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
|
||||
|
||||
w = httptest.NewRecorder()
|
||||
newSession, err = globalSessions.SessionStart(w, r2)
|
||||
if err != nil {
|
||||
t.Fatal("session start error")
|
||||
}
|
||||
if newSession.SessionID() == session.SessionID() {
|
||||
t.Fatal("after destory session and reqeust again ,get cookie session id is same.")
|
||||
}
|
||||
}
|
||||
|
@ -142,7 +142,7 @@ func NewManager(provideName, config string) (*Manager, error) {
|
||||
// otherwise return an valid session id.
|
||||
func (manager *Manager) getSid(r *http.Request) (string, error) {
|
||||
cookie, errs := r.Cookie(manager.config.CookieName)
|
||||
if errs != nil || cookie.Value == "" {
|
||||
if errs != nil || cookie.Value == "" || cookie.MaxAge < 0 {
|
||||
errs := r.ParseForm()
|
||||
if errs != nil {
|
||||
return "", errs
|
||||
@ -202,13 +202,16 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
manager.provider.SessionDestroy(cookie.Value)
|
||||
expiration := time.Now()
|
||||
cookie = &http.Cookie{Name: manager.config.CookieName,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
Expires: expiration,
|
||||
MaxAge: -1}
|
||||
http.SetCookie(w, cookie)
|
||||
if manager.config.EnableSetCookie {
|
||||
expiration := time.Now()
|
||||
cookie = &http.Cookie{Name: manager.config.CookieName,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
Expires: expiration,
|
||||
MaxAge: -1}
|
||||
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
}
|
||||
|
||||
// GetSessionStore Get SessionStore by its id.
|
||||
@ -231,7 +234,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
|
||||
return
|
||||
}
|
||||
cookie, err := r.Cookie(manager.config.CookieName)
|
||||
if err != nil && cookie.Value == "" {
|
||||
if err != nil || cookie.Value == "" {
|
||||
//delete old cookie
|
||||
session, _ = manager.provider.SessionRead(sid)
|
||||
cookie = &http.Cookie{Name: manager.config.CookieName,
|
||||
@ -252,7 +255,9 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
|
||||
cookie.MaxAge = manager.config.CookieLifeTime
|
||||
cookie.Expires = time.Now().Add(time.Duration(manager.config.CookieLifeTime) * time.Second)
|
||||
}
|
||||
http.SetCookie(w, cookie)
|
||||
if manager.config.EnableSetCookie {
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
r.AddCookie(cookie)
|
||||
return
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user