Merge branch 'master' into dev

Former-commit-id: 451baf594a5fb7f288291cdd73b86998cb364af4
2025-02-02 15:30:36 +01:00 · 2017-12-13 14:46:45 +02:00 · 2017-12-13 14:46:45 +02:00 · 43c330f338
commit 43c330f338
parent 8dcbdc0741 ea863914dc
5 changed files with 17 additions and 4 deletions
--- a/Gopkg.lock
+++ b/Gopkg.lock
@ -119,7 +119,7 @@
  branch = "master"
  name = "github.com/json-iterator/go"
  packages = ["."]
-  revision = "2dc0031b26575ddf5dab09ab7795105a05575473"
+  revision = "13f86432b882000a51c6e610c620974462691a97"

 [[projects]]
  branch = "master"
--- a/context/context.go
+++ b/context/context.go
@ -2542,7 +2542,7 @@ func (ctx *context) RemoveCookie(name string) {
 	c.Expires = exp
 	c.MaxAge = -1
 	ctx.SetCookie(c)
-	// delete request's cookie also, which is temporary available
+	// delete request's cookie also, which is temporary available.
 	ctx.request.Header.Set("Cookie", "")
 }

--- a/sessions/config.go
+++ b/sessions/config.go
@ -56,6 +56,13 @@ type (
 		// Defaults to false.
 		CookieSecureTLS bool

+		// AllowReclaim will allow to
+		// Destroy and Start a session in the same request handler.
+		// All it does is that it removes the cookie for both `Request` and `ResponseWriter`.
+		//
+		// Defaults to false.
+		AllowReclaim bool
+
 		// Encode the cookie value if not nil.
 		// Should accept as first argument the cookie name (config.Cookie)
 		//         as second argument the server's generated session id.
--- a/sessions/cookie.go
+++ b/sessions/cookie.go
@ -38,7 +38,8 @@ func AddCookie(ctx context.Context, cookie *http.Cookie) {
 }

 // RemoveCookie deletes a cookie by it's name/key
-func RemoveCookie(ctx context.Context, name string) {
+// If "purge" is true then it removes the, temp, cookie from the request as well.
+func RemoveCookie(ctx context.Context, name string, purge bool) {
 	c, err := ctx.Request().Cookie(name)
 	if err != nil {
 		return
@ -50,6 +51,11 @@ func RemoveCookie(ctx context.Context, name string) {
 	c.Value = ""
 	c.Path = "/"
 	AddCookie(ctx, c)
+
+	if purge {
+		// delete request's cookie also, which is temporary available.
+		ctx.Request().Header.Set("Cookie", "")
+	}
 }

 // IsValidCookieDomain returns true if the receiver is a valid domain to set
--- a/sessions/sessions.go
+++ b/sessions/sessions.go
@ -146,7 +146,7 @@ func (s *Sessions) Destroy(ctx context.Context) {
 	if cookieValue == "" { // nothing to destroy
 		return
 	}
-	RemoveCookie(ctx, s.config.Cookie)
+	RemoveCookie(ctx, s.config.Cookie, s.config.AllowReclaim)

 	s.provider.Destroy(cookieValue)
 }