aboutsummaryrefslogtreecommitdiff
path: root/vendor/github.com/gorilla/sessions
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/gorilla/sessions')
-rw-r--r--vendor/github.com/gorilla/sessions/README.md2
-rw-r--r--vendor/github.com/gorilla/sessions/store.go25
2 files changed, 26 insertions, 1 deletions
diff --git a/vendor/github.com/gorilla/sessions/README.md b/vendor/github.com/gorilla/sessions/README.md
index 12f6118..65e5e1b 100644
--- a/vendor/github.com/gorilla/sessions/README.md
+++ b/vendor/github.com/gorilla/sessions/README.md
@@ -64,7 +64,7 @@ Other implementations of the `sessions.Store` interface:
* [github.com/srinathgs/couchbasestore](https://github.com/srinathgs/couchbasestore) - Couchbase
* [github.com/denizeren/dynamostore](https://github.com/denizeren/dynamostore) - Dynamodb on AWS
* [github.com/bradleypeabody/gorilla-sessions-memcache](https://github.com/bradleypeabody/gorilla-sessions-memcache) - Memcache
-* [github.com/dsoprea/goappenginesessioncascade](https://github.com/dsoprea/goappenginesessioncascade) - Memcache/Datastore/Context in AppEngine
+* [github.com/dsoprea/go-appengine-sessioncascade](https://github.com/dsoprea/go-appengine-sessioncascade) - Memcache/Datastore/Context in AppEngine
* [github.com/kidstuff/mongostore](https://github.com/kidstuff/mongostore) - MongoDB
* [github.com/srinathgs/mysqlstore](https://github.com/srinathgs/mysqlstore) - MySQL
* [github.com/antonlindstrom/pgstore](https://github.com/antonlindstrom/pgstore) - PostgreSQL
diff --git a/vendor/github.com/gorilla/sessions/store.go b/vendor/github.com/gorilla/sessions/store.go
index ba3b9e9..4ff6b6c 100644
--- a/vendor/github.com/gorilla/sessions/store.go
+++ b/vendor/github.com/gorilla/sessions/store.go
@@ -205,8 +205,22 @@ func (s *FilesystemStore) New(r *http.Request, name string) (*Session, error) {
}
// Save adds a single session to the response.
+//
+// If the Options.MaxAge of the session is <= 0 then the session file will be
+// deleted from the store path. With this process it enforces the properly
+// session cookie handling so no need to trust in the cookie management in the
+// web browser.
func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter,
session *Session) error {
+ // Delete if max-age is <= 0
+ if session.Options.MaxAge <= 0 {
+ if err := s.erase(session); err != nil {
+ return err
+ }
+ http.SetCookie(w, NewCookie(session.Name(), "", session.Options))
+ return nil
+ }
+
if session.ID == "" {
// Because the ID is used in the filename, encode it to
// use alphanumeric characters only.
@@ -268,3 +282,14 @@ func (s *FilesystemStore) load(session *Session) error {
}
return nil
}
+
+// delete session file
+func (s *FilesystemStore) erase(session *Session) error {
+ filename := filepath.Join(s.path, "session_"+session.ID)
+
+ fileMutex.RLock()
+ defer fileMutex.RUnlock()
+
+ err := os.Remove(filename)
+ return err
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-08 20:04:04 +0000