From 859a62bf01b2c8d0ecd1b10ed0fcbbd5e82f52b4 Mon Sep 17 00:00:00 2001 From: Wing Gao Date: Fri, 15 Dec 2017 21:46:18 +0800 Subject: [PATCH 1/2] fix cookie expire equals to -1 when call UpdateExpiration Former-commit-id: 69107db0f9be87db2057c6d261bd896c0358bc45 --- sessions/config.go | 3 ++- sessions/cookie.go | 13 +++++-------- sessions/sessions.go | 5 +++-- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/sessions/config.go b/sessions/config.go index 37d94ca9..ecfd99a6 100644 --- a/sessions/config.go +++ b/sessions/config.go @@ -58,7 +58,8 @@ type ( // AllowReclaim will allow to // Destroy and Start a session in the same request handler. - // All it does is that it removes the cookie for both `Request` and `ResponseWriter`. + // All it does is that it removes the cookie for both `Request` and `ResponseWriter` while `Destroy` + // or add a new cookie to `Request` while `Start`. // // Defaults to false. AllowReclaim bool diff --git a/sessions/cookie.go b/sessions/cookie.go index b4698b39..d95de513 100644 --- a/sessions/cookie.go +++ b/sessions/cookie.go @@ -31,9 +31,11 @@ func GetCookie(ctx context.Context, name string) string { } // AddCookie adds a cookie -func AddCookie(ctx context.Context, cookie *http.Cookie) { +func AddCookie(ctx context.Context, cookie *http.Cookie, reclaim bool) { // http.SetCookie(ctx.ResponseWriter(), cookie) - // ctx.Request().AddCookie(cookie) + if reclaim { + ctx.Request().AddCookie(cookie) + } ctx.SetCookie(cookie) } @@ -50,12 +52,7 @@ func RemoveCookie(ctx context.Context, name string, purge bool) { c.MaxAge = -1 c.Value = "" c.Path = "/" - AddCookie(ctx, c) - - if purge { - // delete request's cookie also, which is temporary available. - ctx.Request().Header.Set("Cookie", "") - } + AddCookie(ctx, c, purge) } // IsValidCookieDomain returns true if the receiver is a valid domain to set diff --git a/sessions/sessions.go b/sessions/sessions.go index 3a45e26a..e4025f84 100644 --- a/sessions/sessions.go +++ b/sessions/sessions.go @@ -96,7 +96,7 @@ func (s *Sessions) updateCookie(ctx context.Context, sid string, expires time.Du // encode the session id cookie client value right before send it. cookie.Value = s.encodeCookieValue(cookie.Value) - AddCookie(ctx, cookie) + AddCookie(ctx, cookie, s.config.AllowReclaim) } // Start should start the session for the particular request. @@ -131,7 +131,8 @@ func (s *Sessions) UpdateExpiration(ctx context.Context, expires time.Duration) cookieValue := s.decodeCookieValue(GetCookie(ctx, s.config.Cookie)) if cookieValue != "" { - if s.provider.UpdateExpiration(cookieValue, expires) { + // we should also allow it to expire when the browser closed + if s.provider.UpdateExpiration(cookieValue, expires) || expires == -1 { s.updateCookie(ctx, cookieValue, expires) } } From c6b12ab7548eef1190ea486a5fe9980aecca5f74 Mon Sep 17 00:00:00 2001 From: Wing Gao Date: Fri, 15 Dec 2017 22:42:18 +0800 Subject: [PATCH 2/2] need a better way to replace an existed cookie Former-commit-id: bee4a686d50e61e607e7f86c1dee93a877cd1413 --- sessions/cookie.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sessions/cookie.go b/sessions/cookie.go index d95de513..537f8d19 100644 --- a/sessions/cookie.go +++ b/sessions/cookie.go @@ -53,6 +53,11 @@ func RemoveCookie(ctx context.Context, name string, purge bool) { c.Value = "" c.Path = "/" AddCookie(ctx, c, purge) + + if purge { + // delete request's cookie also, which is temporary available. + ctx.Request().Header.Set("Cookie", "") + } } // IsValidCookieDomain returns true if the receiver is a valid domain to set