Merge pull request #1539 from ysqi/develop

change get sessionID logic from cookie
2016-01-07 13:49:33 +08:00 · 2016-01-07 13:49:33 +08:00 · ecc6bcba3f
commit ecc6bcba3f
parent 3fdf72f14c 80912b6210
2 changed files with 56 additions and 10 deletions
--- a/session/sess_cookie_test.go
+++ b/session/sess_cookie_test.go
@ -53,3 +53,44 @@ func TestCookie(t *testing.T) {
 		}
 	}
 }
 func TestDestorySessionCookie(t *testing.T) {
 	config := `{"cookieName":"gosessionid","enableSetCookie":true,"gclifetime":3600,"ProviderConfig":"{\"cookieName\":\"gosessionid\",\"securityKey\":\"beegocookiehashkey\"}"}`
 	globalSessions, err := NewManager("cookie", config)
 	if err != nil {
 		t.Fatal("init cookie session err", err)
 	}
 	r, _ := http.NewRequest("GET", "/", nil)
 	w := httptest.NewRecorder()
 	session, err := globalSessions.SessionStart(w, r)
 	if err != nil {
 		t.Fatal("session start err,", err)
 	}
 	// request again ,will get same sesssion id .
 	r1, _ := http.NewRequest("GET", "/", nil)
 	r1.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
 	w = httptest.NewRecorder()
 	newSession, err := globalSessions.SessionStart(w, r1)
 	if err != nil {
 		t.Fatal("session start err,", err)
 	}
 	if newSession.SessionID() != session.SessionID() {
 		t.Fatal("get cookie session id is not the same again.")
 	}
 	// After destory session , will get a new session id .
 	globalSessions.SessionDestroy(w, r1)
 	r2, _ := http.NewRequest("GET", "/", nil)
 	r2.Header.Set("Cookie", w.Header().Get("Set-Cookie"))
 	w = httptest.NewRecorder()
 	newSession, err = globalSessions.SessionStart(w, r2)
 	if err != nil {
 		t.Fatal("session start error")
 	}
 	if newSession.SessionID() == session.SessionID() {
 		t.Fatal("after destory session and reqeust again ,get cookie session id is same.")
 	}
 }
--- a/session/session.go
+++ b/session/session.go
@ -142,7 +142,7 @@ func NewManager(provideName, config string) (*Manager, error) {
 // otherwise return an valid session id.
 func (manager *Manager) getSid(r *http.Request) (string, error) {
 	cookie, errs := r.Cookie(manager.config.CookieName)
-	if errs != nil || cookie.Value == "" {
+	if errs != nil || cookie.Value == "" || cookie.MaxAge < 0 {
 		errs := r.ParseForm()
 		if errs != nil {
 			return "", errs
@ -202,14 +202,17 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	manager.provider.SessionDestroy(cookie.Value)
 	if manager.config.EnableSetCookie {
 		expiration := time.Now()
 		cookie = &http.Cookie{Name: manager.config.CookieName,
 			Path:     "/",
 			HttpOnly: true,
 			Expires:  expiration,
 			MaxAge:   -1}
 		http.SetCookie(w, cookie)
 	}
 }
 // GetSessionStore Get SessionStore by its id.
 func (manager *Manager) GetSessionStore(sid string) (sessions Store, err error) {
@ -231,7 +234,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
 		return
 	}
 	cookie, err := r.Cookie(manager.config.CookieName)
-	if err != nil && cookie.Value == "" {
+	if err != nil || cookie.Value == "" {
 		//delete old cookie
 		session, _ = manager.provider.SessionRead(sid)
 		cookie = &http.Cookie{Name: manager.config.CookieName,
@ -252,7 +255,9 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
 		cookie.MaxAge = manager.config.CookieLifeTime
 		cookie.Expires = time.Now().Add(time.Duration(manager.config.CookieLifeTime) * time.Second)
 	}
 	if manager.config.EnableSetCookie {
 		http.SetCookie(w, cookie)
 	}
 	r.AddCookie(cookie)
 	return
 }