go-packages/iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-02-09 02:34:55 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #699 from corebreaker/session-cookie-decoder-error

Browse Source 
Sessions: Test decoded cookie for empty strings
Former-commit-id: 776e478b75d87b22723f6539ba15604eb0abee28
This commit is contained in:
Gerasimos (Makis) Maropoulos 2017-08-02 13:43:58 +03:00 committed by GitHub
commit b848e2ebdc
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
sessions/sessions.go
View File

@ -101,7 +101,7 @@ func (s *Sessions) updateCookie(sid string, ctx context.Context, expires time.Du
// Start should start the session for the particular request. // Start should start the session for the particular request.
func (s *Sessions) Start(ctx context.Context) *Session { func (s *Sessions) Start(ctx context.Context) *Session {
cookieValue := GetCookie(ctx, s.config.Cookie) cookieValue := s.decodeCookieValue(GetCookie(ctx, s.config.Cookie))
if cookieValue == "" { // cookie doesn't exists, let's generate a session and add set a cookie if cookieValue == "" { // cookie doesn't exists, let's generate a session and add set a cookie
sid := s.config.SessionIDGenerator() sid := s.config.SessionIDGenerator()
@ -114,7 +114,6 @@ func (s *Sessions) Start(ctx context.Context) *Session {
return sess return sess
} }
cookieValue = s.decodeCookieValue(cookieValue)
sess := s.provider.Read(cookieValue, s.config.Expires) sess := s.provider.Read(cookieValue, s.config.Expires)
return sess return sess
@ -127,12 +126,11 @@ func (s *Sessions) ShiftExpiraton(ctx context.Context) {
// UpdateExpiraton change expire date of a session to a new date by using timeout value passed by `expires` parameter // UpdateExpiraton change expire date of a session to a new date by using timeout value passed by `expires` parameter
func (s *Sessions) UpdateExpiraton(ctx context.Context, expires time.Duration) { func (s *Sessions) UpdateExpiraton(ctx context.Context, expires time.Duration) {
cookieValue := GetCookie(ctx, s.config.Cookie) cookieValue := s.decodeCookieValue(GetCookie(ctx, s.config.Cookie))
if cookieValue != "" { if cookieValue != "" {
sid := s.decodeCookieValue(cookieValue) if s.provider.UpdateExpiraton(cookieValue, expires) {
if s.provider.UpdateExpiraton(sid, expires) { s.updateCookie(cookieValue, ctx, expires)
s.updateCookie(sid, ctx, expires)
} }
} }
} }
@ -172,7 +170,12 @@ func (s *Sessions) DestroyAll() {
// let's keep these funcs simple, we can do it with two lines but we may add more things in the future. // let's keep these funcs simple, we can do it with two lines but we may add more things in the future.
func (s *Sessions) decodeCookieValue(cookieValue string) string { func (s *Sessions) decodeCookieValue(cookieValue string) string {
if cookieValue == "" {
return ""
}
var cookieValueDecoded *string var cookieValueDecoded *string
if decode := s.config.Decode; decode != nil { if decode := s.config.Decode; decode != nil {
err := decode(s.config.Cookie, cookieValue, &cookieValueDecoded) err := decode(s.config.Cookie, cookieValue, &cookieValueDecoded)
if err == nil { if err == nil {
@ -181,6 +184,7 @@ func (s *Sessions) decodeCookieValue(cookieValue string) string {
cookieValue = "" cookieValue = ""
} }
} }
return cookieValue return cookieValue
} }