My rails app uses session for storing a user credentials for authorization. Trying to sign in and do some actions (that require a user session) in Go code. Should I retrieve a user session when signing in and pass to the next request? How can I handle that?
Go's standard library does not provide an HTTP session manager. So you have to write one yourself, or use one written by others.
Some examples:
Usually HTTP sessions are managed via cookies between server and client, and as such, the session (session id) can be acquired directly from the request (http.Request
) e.g. with Request.Cookie()
.
That being said it is not necessary to "pass" the session through the "request chain", every handler can access it just by having the http.Request
.
For example using github.com/icza/session
it can be done like this:
func MyHandler(w http.ResponseWriter, r *http.Request) {
sess := session.Get(r)
if sess == nil {
// No session (yet)
} else {
// We have a session, use it
}
}
Using Gorilla sessions, it's similar:
var store = sessions.NewCookieStore([]byte("something-very-secret"))
func MyHandler(w http.ResponseWriter, r *http.Request) {
session, err := store.Get(r, "session-name")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
// Use session
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With