Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Kagtaviy2016-04-24 17:45:26
go
Kagtaviy, 2016-04-24 17:45:26

How to work with sessions in golang?

Hello, I ask for help in explaining the principle of working with sessions.
I can not understand the principle of working with sessions (I use Gorilla sessions and redis).
Here for example:
I do authorization of the user. The user enters data, then they are checked against the database, and if everything is correct, then a session should be generated? Suppose we have generated a session, and what's next, roughly speaking, how to understand that Ivan is Ivan and not Kolya?
The next question is, what does "something-very-secret" in the store variable do and why is it needed?

var store = sessions.NewCookieStore([]byte("something-very-secret")) // что это за secret key и зачем он используется

    func MyHandler(w http.ResponseWriter, r *http.Request) {
        session, _ := store.Get(r, "session-name")
        session.Values["foo"] = "bar"
        session.Values[42] = 43
        session.Save(r, w)
    }

And the last question, on the Gorilla sessions page I came across the package https://github.com/boj/redistore , why is it needed?
Thanks in advance!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
P
pcdesign, 2016-04-24
@Kagtaviy

The user enters data, then they are checked against the database, and if everything is correct, then a session should be generated?

Right.
Well, inside the session, the user id is usually stored in encrypted form.
session.Values["user_id"] = "123"
This is the encryption key. To store data in browser cookies not in clear text, but in encrypted form.
This is a way to store sessions on the backend, in this case a radish database.
But, this method should be approached when it is really needed.

Report
A
Alexander Semchenko, 2016-04-24
@0xcffaedfe

What for docks to read the truth?
https://godoc.org/gopkg.in/boj/redistore.v1
www.gorillatoolkit.org/pkg/sessions

Report
F
fastpars, 2016-04-24
@fastpars

how to understand that Ivan is Ivan and not Kolya

session.Values["userID"] = "some-user-id"
Used to encrypt the session. Can take any value.
For storing sessions in radish) ...

Similar questions
P
pcdesign2015-10-13 13:36:10
How to generate routes and templates? 3Reply
A
Andrey2018-02-22 19:18:59
How to correctly expand json of an arbitrary structure? 1Reply
V
v- death2015-10-22 02:49:51
Is there a ready-made implementation of the WebRTC signaling server in Golang? 2Reply
C
Coder3212018-02-28 11:20:38
Does Go have something similar to nodemon in node? 1Reply
A
Alexey Poimtsev2015-10-25 02:40:56
What are the best practices for deploying Golang applications? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question