3rd - gorilla/sessions

Author: lidajun

README.md

@@ -147,4 +147,6 @@
 * [gorilla/schema](https://darjun/github.io/2021/07/22/godailylib/gorilla/schema)
     gorilla Web 开发包之表单处理库
 * [gorilla/securecookie](https://darjun/github.io/2021/07/22/godailylib/gorilla/schema)
-    gorilla Web 开发包之安全 cookie 库
+    gorilla Web 开发包之安全 cookie 库
+* [gorilla/sessions](https://darjun/github.io/2021/07/25/godailylib/gorilla/sessions)
+    gorilla Web 开发包之 session 处理库

gorilla/sessions/auth/main.go

@@ -0,0 +1,95 @@
+package main
+
+import (
+	"encoding/json"
+	"github.com/gorilla/handlers"
+	"github.com/gorilla/mux"
+	"github.com/gorilla/securecookie"
+	"github.com/gorilla/sessions"
+	"html/template"
+	"log"
+	"net/http"
+	"os"
+)
+
+type User struct {
+	Username string
+	Count    int
+}
+
+var (
+	ptTemplate *template.Template
+	store      = sessions.NewFilesystemStore("./", securecookie.GenerateRandomKey(32), securecookie.GenerateRandomKey(32))
+)
+
+func GetSessionUser(r *http.Request) *User {
+	session, _ := store.Get(r, "user")
+	s, ok := session.Values["user"]
+	if !ok {
+		return nil
+	}
+	u := &User{}
+	json.Unmarshal([]byte(s.(string)), u)
+	return u
+}
+
+func SaveSessionUser(w http.ResponseWriter, r *http.Request, u *User) {
+	session, _ := store.Get(r, "user")
+	data, _ := json.Marshal(u)
+	session.Values["user"] = string(data)
+	store.Save(r, w, session)
+}
+
+func HomeHandler(w http.ResponseWriter, r *http.Request) {
+	u := GetSessionUser(r)
+	ptTemplate.ExecuteTemplate(w, "home.tpl", u)
+}
+
+func Login(w http.ResponseWriter, r *http.Request) {
+	ptTemplate.ExecuteTemplate(w, "login.tpl", nil)
+}
+
+func DoLogin(w http.ResponseWriter, r *http.Request) {
+	r.ParseForm()
+	username := r.Form.Get("username")
+	password := r.Form.Get("password")
+	if username != "darjun" || password != "handsome" {
+		http.Redirect(w, r, "/login", http.StatusFound)
+		return
+	}
+
+	SaveSessionUser(w, r, &User{Username: username})
+	http.Redirect(w, r, "/", http.StatusFound)
+}
+
+func SecretHandler(w http.ResponseWriter, r *http.Request) {
+	u := GetSessionUser(r)
+	if u == nil {
+		http.Redirect(w, r, "/login", http.StatusFound)
+		return
+	}
+	u.Count++
+	SaveSessionUser(w, r, u)
+	ptTemplate.ExecuteTemplate(w, "secret.tpl", u)
+}
+
+func Logger(h http.Handler) http.Handler {
+	return handlers.CombinedLoggingHandler(os.Stdout, h)
+}
+
+func main() {
+	r := mux.NewRouter()
+	r.Use(Logger)
+	r.HandleFunc("/", HomeHandler)
+	r.HandleFunc("/secret", SecretHandler)
+	r.Handle("/login", handlers.MethodHandler{
+		"GET":  http.HandlerFunc(Login),
+		"POST": http.HandlerFunc(DoLogin),
+	})
+	http.Handle("/", r)
+	log.Fatal(http.ListenAndServe(":8080", nil))
+}
+
+func init() {
+	ptTemplate = template.Must(template.New("").ParseGlob("./tpls/*.tpl"))
+}

gorilla/sessions/auth/tpls/home.tpl

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Home</title>
+</head>
+<body>
+{{ if . }}
+<p>Hi, {{ .Username }}</p><br>
+<a href="/secret">Goto secret?</a>
+{{ else }}
+<p>Hi, stranger</p><br>
+<a href="/login">Goto login?</a>
+{{ end }}
+</body>
+</html>

gorilla/sessions/auth/tpls/login.tpl

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Login</title>
+</head>
+<body>
+<form action="/login" method="post">
+	<label>Username:</label>
+	<input name="username"><br>
+	<label>Password:</label>
+	<input name="password" type="password"><br>
+	<button type="submit">登录</button>
+</form>
+</body>
+</html>

gorilla/sessions/auth/tpls/secret.tpl

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Secret</title>
+</head>
+<body>
+<p>
+Lorem ipsum dolor sit amet consectetur adipisicing elit.
+Inventore a cumque sunt pariatur nihil doloremque tempore,
+consectetur ipsum sapiente id excepturi enim velit,
+quis nisi esse doloribus aliquid. Incidunt, dolore.
+</p>
+<p>You have visited this page {{ .Count }} times.</p>
+</body>
+</html>

gorilla/sessions/go.mod

@@ -0,0 +1,11 @@
+module github.com/darjun/go-daily-lib/gorilla/sessions
+
+go 1.16
+
+require (
+	github.com/garyburd/redigo v1.6.2 // indirect
+	github.com/gorilla/handlers v1.5.1 // indirect
+	github.com/gorilla/mux v1.8.0 // indirect
+	github.com/gorilla/sessions v1.2.1 // indirect
+	gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b // indirect
+)

gorilla/sessions/go.sum

@@ -0,0 +1,14 @@
+github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ=
+github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/garyburd/redigo v1.6.2 h1:yE/pwKCrbLpLpQICzYTeZ7JsTA/C53wFTJHaEtRqniM=
+github.com/garyburd/redigo v1.6.2/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
+github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
+github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
+github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
+github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
+gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b h1:U/Uqd1232+wrnHOvWNaxrNqn/kFnr4yu4blgPtQt0N8=
+gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b/go.mod h1:fgfIZMlsafAHpspcks2Bul+MWUNw/2dyQmjC2faKjtg=

gorilla/sessions/nginx.conf

@@ -0,0 +1,121 @@
+
+#user  nobody;
+worker_processes  1;
+
+#error_log  logs/error.log;
+#error_log  logs/error.log  notice;
+#error_log  logs/error.log  info;
+
+#pid        logs/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    default_type  application/octet-stream;
+
+    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    #                  '$status $body_bytes_sent "$http_referer" '
+    #                  '"$http_user_agent" "$http_x_forwarded_for"';
+
+    #access_log  logs/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    #keepalive_timeout  0;
+    keepalive_timeout  65;
+
+    #gzip  on;
+    upstream mysvr { 
+        server localhost:8080;
+        server localhost:8081;
+        server localhost:8082;
+    }    
+
+
+    server {
+        listen       80;
+        server_name  localhost;
+
+        #charset koi8-r;
+
+        #access_log  logs/host.access.log  main;
+
+        location / {
+            proxy_pass http://mysvr;
+        }
+
+        #error_page  404              /404.html;
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   html;
+        }
+
+        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+        #
+        #location ~ \.php$ {
+        #    proxy_pass   http://127.0.0.1;
+        #}
+
+        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+        #
+        #location ~ \.php$ {
+        #    root           html;
+        #    fastcgi_pass   127.0.0.1:9000;
+        #    fastcgi_index  index.php;
+        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+        #    include        fastcgi_params;
+        #}
+
+        # deny access to .htaccess files, if Apache's document root
+        # concurs with nginx's one
+        #
+        #location ~ /\.ht {
+        #    deny  all;
+        #}
+    }
+
+
+    # another virtual host using mix of IP-, name-, and port-based configuration
+    #
+    #server {
+    #    listen       8000;
+    #    listen       somename:8080;
+    #    server_name  somename  alias  another.alias;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+
+
+    # HTTPS server
+    #
+    #server {
+    #    listen       443 ssl;
+    #    server_name  localhost;
+
+    #    ssl_certificate      cert.pem;
+    #    ssl_certificate_key  cert.key;
+
+    #    ssl_session_cache    shared:SSL:1m;
+    #    ssl_session_timeout  5m;
+
+    #    ssl_ciphers  HIGH:!aNULL:!MD5;
+    #    ssl_prefer_server_ciphers  on;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+    include servers/*;
+}