Commit 80912b62 authored by ysqi's avatar ysqi

change get sessionID logic from cookie

parent 3fdf72f1
...@@ -53,3 +53,44 @@ func TestCookie(t *testing.T) { ...@@ -53,3 +53,44 @@ func TestCookie(t *testing.T) {
} }
} }
} }
func TestDestorySessionCookie(t *testing.T) {
config := `{"cookieName":"gosessionid","enableSetCookie":true,"gclifetime":3600,"ProviderConfig":"{\"cookieName\":\"gosessionid\",\"securityKey\":\"beegocookiehashkey\"}"}`
globalSessions, err := NewManager("cookie", config)
if err != nil {
t.Fatal("init cookie session err", err)
}
r, _ := http.NewRequest("GET", "/", nil)
w := httptest.NewRecorder()
session, err := globalSessions.SessionStart(w, r)
if err != nil {
t.Fatal("session start err,", err)
}
// request again ,will get same sesssion id .
r1, _ := http.NewRequest("GET", "/", nil)
r1.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
w = httptest.NewRecorder()
newSession, err := globalSessions.SessionStart(w, r1)
if err != nil {
t.Fatal("session start err,", err)
}
if newSession.SessionID() != session.SessionID() {
t.Fatal("get cookie session id is not the same again.")
}
// After destory session , will get a new session id .
globalSessions.SessionDestroy(w, r1)
r2, _ := http.NewRequest("GET", "/", nil)
r2.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
w = httptest.NewRecorder()
newSession, err = globalSessions.SessionStart(w, r2)
if err != nil {
t.Fatal("session start error")
}
if newSession.SessionID() == session.SessionID() {
t.Fatal("after destory session and reqeust again ,get cookie session id is same.")
}
}
...@@ -142,7 +142,7 @@ func NewManager(provideName, config string) (*Manager, error) { ...@@ -142,7 +142,7 @@ func NewManager(provideName, config string) (*Manager, error) {
// otherwise return an valid session id. // otherwise return an valid session id.
func (manager *Manager) getSid(r *http.Request) (string, error) { func (manager *Manager) getSid(r *http.Request) (string, error) {
cookie, errs := r.Cookie(manager.config.CookieName) cookie, errs := r.Cookie(manager.config.CookieName)
if errs != nil || cookie.Value == "" { if errs != nil || cookie.Value == "" || cookie.MaxAge < 0 {
errs := r.ParseForm() errs := r.ParseForm()
if errs != nil { if errs != nil {
return "", errs return "", errs
...@@ -202,13 +202,16 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) { ...@@ -202,13 +202,16 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
return return
} }
manager.provider.SessionDestroy(cookie.Value) manager.provider.SessionDestroy(cookie.Value)
if manager.config.EnableSetCookie {
expiration := time.Now() expiration := time.Now()
cookie = &http.Cookie{Name: manager.config.CookieName, cookie = &http.Cookie{Name: manager.config.CookieName,
Path: "/", Path: "/",
HttpOnly: true, HttpOnly: true,
Expires: expiration, Expires: expiration,
MaxAge: -1} MaxAge: -1}
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
}
} }
// GetSessionStore Get SessionStore by its id. // GetSessionStore Get SessionStore by its id.
...@@ -231,7 +234,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque ...@@ -231,7 +234,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
return return
} }
cookie, err := r.Cookie(manager.config.CookieName) cookie, err := r.Cookie(manager.config.CookieName)
if err != nil && cookie.Value == "" { if err != nil || cookie.Value == "" {
//delete old cookie //delete old cookie
session, _ = manager.provider.SessionRead(sid) session, _ = manager.provider.SessionRead(sid)
cookie = &http.Cookie{Name: manager.config.CookieName, cookie = &http.Cookie{Name: manager.config.CookieName,
...@@ -252,7 +255,9 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque ...@@ -252,7 +255,9 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
cookie.MaxAge = manager.config.CookieLifeTime cookie.MaxAge = manager.config.CookieLifeTime
cookie.Expires = time.Now().Add(time.Duration(manager.config.CookieLifeTime) * time.Second) cookie.Expires = time.Now().Add(time.Duration(manager.config.CookieLifeTime) * time.Second)
} }
if manager.config.EnableSetCookie {
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
}
r.AddCookie(cookie) r.AddCookie(cookie)
return return
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment