go-session / session Goto Github PK
View Code? Open in Web Editor NEWA efficient, safely and easy-to-use session library for Go.
Home Page: https://godoc.org/github.com/go-session/session
License: MIT License
session's People
Contributors
Stargazers
Watchers
Forkers
dulumao e2ebot jangocheng zhouying-bit isgasho skyformat99 zhoulin1359 goarchtect woshizilong bjr3ady ismiyati mrli834668690 wow030 wangxiaomeng3 edieruby xiaojun207 luoshixi zhouruisong developgo forkpool dut3062796s polarrwl screeningeagledreamlab shebinleo hankgalt steven-varga chetratep kevincobain2000 hhongseungwoo seamory yymmiinngg scumfunk linuxsuren gbwgoo loyaonline victor-dm-black mbictsession's Issues
Example provided in docs is not working.
../go/pkg/mod/gopkg.in/[email protected]/session.go:30:19: not enough arguments in call to uuid.Must
have (uuid.UUID)
want (uuid.UUID, error)```
总感觉有bug、每一次请求都是一个新的session_id ?
看cookie是正常的, 但是在redis的时候只看到检查判断Check是否存在某个, 如果不存在, 就又新建一个cookie? 新的sessionId 不用写进store的吗?
A doubt about expiring session
Hi, I have some doubts regarding this line:
Line 143 in 77451f6
I don't fully understand why you keep adding life to the items.
I tried this:
func main() {
session.InitManager(
session.SetSecure(true),
session.SetEnableSetCookie(true),
session.SetCookieName("my-session"),
session.SetCookieLifeTime(300), // 5 minutes
session.SetExpired(300), // 5 minutes
session.SetEnableSIDInURLQuery(false),
session.SetEnableSIDInHTTPHeader(false),
)
http.HandleFunc("/set", func(w http.ResponseWriter, r *http.Request) {
store, err := session.Start(context.Background(), w, r)
if err != nil {
fmt.Fprint(w, err)
return
}
store.Set("foo", "bar")
err = store.Save()
if err != nil {
fmt.Fprint(w, err)
return
}
})
http.HandleFunc("/get", func(w http.ResponseWriter, r *http.Request) {
store, err := session.Start(context.Background(), w, r)
if err != nil {
fmt.Fprint(w, err)
return
}
foo, ok := store.Get("foo")
if ok {
fmt.Fprintf(w, "foo:%s", foo)
return
}
fmt.Fprint(w, "does not exist")
})
http.ListenAndServe(":8080", nil)
}
After 5 minutes the cookie expires and I would no longer be able to access my in-memory session again.
BUT, if I had copied its value before it expires I could easly change it on the new one the server send me on the next request (ie from Chrome->dev tools->Application) and I would be perfectly able to access my old session.
All this because the above line keep extending the item life by the SetExpired() value.
To be more specific, that line is in the store Update() func called by the session Start() func in my "get" http handler.
Is it the right behaviour and there is something I don't underdstand or is it a bug?
The other non-in-memory stores work the same way?
Thank you very much!
go mod import error
go mod download get the error
require github.com/go-session/session: version "v3.1.3" invalid: module contains a go.mod file, so major version must be compatible: should be v0 or v1, not v3.
func (m *Manager) Destroy(ctx context.Conetxt,.....) doesn' work.
I set session with init manager setting domain option.
it is sub domain.
manager := session.NewManager(
session.SetCookieName(...),
session.SetCookieLifeTime(...),
session.SetExpired(int64(...)),
session.SetStore(...),
session.SetSessionID(...),
session.SetDomain(*.testdomain.com),
)
And, When I destroy session call function 'Destroy(..)'
It dosen't work. It still exists that cookie however in server side , that cookie (= session) is removed.
Maybe I think it beacuase of this below logic
// Destroy a session
func (m *Manager) Destroy(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
......
**if m.opts.enableSetCookie {
cookie := &http.Cookie{
Name: m.opts.cookieName,
Path: "/",
HttpOnly: true,
Expires: time.Now(),
MaxAge: -1,
}**
......
I think, It need to append
'Domain: m.opts.cookieName,'
please check this issue.
thank you.
install fail
go get -u -v github.com/go-session/gin-session
github.com/go-session/session
# github.com/go-session/session
../../../go/pkg/mod/github.com/go-session/[email protected]+incompatible/session.go:30:19: not enough arguments in call to uuid.Must
have (uuid.UUID)
want (uuid.UUID, error)
Is this stateless?
Readme states More secure, signature-based tamper-proof, does it means this works in stateless environment, where you do not require session stickiness?
datarace in default memory store
as the title said
Goroutine 24 (running) created at:
github.com/go-session/session/v3.NewMemoryStore()
github.com/go-session/session/[email protected]/store.go:58 +0x236
github.com/go-session/session/v3.NewManager()
github.com/go-session/session/[email protected]/session.go:166 +0x1b8
github.com/go-session/session/v3.manager.func1()
github.com/go-session/session/[email protected]/default.go:16 +0x50
sync.(*Once).doSlow()
sync/once.go:74 +0x101
sync.(*Once).Do()
sync/once.go:65 +0x46
github.com/go-session/session/v3.manager()
github.com/go-session/session/[email protected]/default.go:15 +0x77
github.com/go-session/session/v3.Start()
github.com/go-session/session/[email protected]/default.go:28 +0x49
main.loginHandler()
github.com/go-oauth2/oauth2/v4/example/server/server.go:204 +0x12a
net/http.HandlerFunc.ServeHTTP()
net/http/server.go:2122 +0x4d
net/http.(*ServeMux).ServeHTTP()
net/http/server.go:2500 +0xc5
net/http.serverHandler.ServeHTTP()
net/http/server.go:2936 +0x682
net/http.(*conn).serve()
net/http/server.go:1995 +0xbd4
net/http.(*Server).Serve.func3()
net/http/server.go:3089 +0x58
==================
We
session id and cookie changed after every request
go version: 1.8.2
web framework: gin v1.7.7
I could to get the cookie value with default name go_session_id in gin.Context.Request.Cookie, but session id with request and the cookie return in response always be changed after every request. I looking for reasons in source codes, but there is no way to solve it.
I used the go-session/gin-session but it occurred the same problem.
I also test the server.go as the example in ReadMe, but it works well.
有计划写一个支持iris的session的中间件不?
我看了一下这个session框架,但是没有找到支持iris的,有计划写一个吗?
另外我感觉session模块应该能够独立于语言,跟语言无关,其实无非服务器端就是通过一个sessionid或者token来管理的,理论上是可以独立于语言,开发语言无关的一个模块,通过rpc的方式暴露使用。
Use with go-cookie
Hi, I am trying to use this lib with github.com/go-session/cookie. I am getting some incompatibility error messages. The reason I would like to use v3 is the SameSite flag.
"github.com/go-session/cookie"
"github.com/go-session/session/v3"
Should I be using this with another cookie lib?
遍历session
如何遍历所有已保存的session
Does the package support GO v1.17.2
I can not download the package using
go get -v github.com/go-session/session/v3
The error is
go get: module github.com/go-session/session/v3: stream error: stream ID 7; INTERNAL_ERROR
My Go Version:
go version go1.17.2 darwin/amd64
每一次请求session
Help !!
Does the latest v3 session work with mongodb ?
每次请求的session ID都在变化
每次请求的sessionid 值都在变化, 信息存进session , 获取不到
Pull request
Hello would you pull this pull request please ASAP
#7
Thank you
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.