Ejemplo n.º 1
1
// AddSignedCookie adds the specified cookie to the response and also adds an
// additional 'signed' cookie that is used to validate the cookies value when
// SignedCookie is called.
func (c *Context) AddSignedCookie(cookie *http.Cookie) (*http.Cookie, error) {

	// make the signed cookie
	signedCookie := new(http.Cookie)

	// copy the cookie settings
	signedCookie.Path = cookie.Path
	signedCookie.Domain = cookie.Domain
	signedCookie.RawExpires = cookie.RawExpires
	signedCookie.Expires = cookie.Expires
	signedCookie.MaxAge = cookie.MaxAge
	signedCookie.Secure = cookie.Secure
	signedCookie.HttpOnly = cookie.HttpOnly
	signedCookie.Raw = cookie.Raw

	// set the signed cookie specifics
	signedCookie.Name = toSignedCookieName(cookie.Name)
	signedCookie.Value = Hash(cookie.Value)

	// add the cookies
	http.SetCookie(c.ResponseWriter, cookie)
	http.SetCookie(c.ResponseWriter, signedCookie)

	// return the new signed cookie (and no error)
	return signedCookie, nil

}
Ejemplo n.º 2
1
/**
 * クッキーを作成する
 * @function
 * @param {string} name クッキーの名前
 * @param {string} value クッキーの値
 * @param {string} domain 有効ドメイン
 * @param {string} path 有効ディレクトリ
 * @param {int} hour 有効期限(時間)
 */
func NewCookie(name string, value string, domain string, path string, hour int) *http.Cookie {
	duration := time.Hour * time.Duration(hour)
	now := time.Now()
	expire := now.Add(duration)

	cookie := new(http.Cookie)
	cookie.Name = name
	cookie.Value = value
	cookie.Domain = domain
	cookie.Path = path
	cookie.Expires = expire
	cookie.RawExpires = expire.Format(time.UnixDate)
	cookie.MaxAge = 60 * 60 * hour
	cookie.Secure = false
	cookie.HttpOnly = true
	cookie.Raw = fmt.Sprintf("%s=%s", cookie.Name, cookie.Value)
	cookie.Unparsed = []string{cookie.Raw}

	return cookie
}
Ejemplo n.º 3
0
func TestAddSignedCookie(t *testing.T) {

	context := MakeTestContext()
	cookie := new(http.Cookie)
	cookie.Name = "userId"
	cookie.Value = "2468"
	cookie.Path = "/something"
	cookie.Domain = "domain"
	cookie.RawExpires = "NOW"
	cookie.Expires = time.Now()
	cookie.MaxAge = 123
	cookie.Secure = true
	cookie.HttpOnly = true
	cookie.Raw = "userId=2468;"

	signedCookie, err := context.AddSignedCookie(cookie)

	if err != nil {
		t.Errorf("AddSignedCookie shouldn't return an error: %s", err)
		return
	}

	assertEqual(t, signedCookie.Name, fmt.Sprintf("%s_signed", cookie.Name), "Cookie name")
	assertEqual(t, signedCookie.Value, Hash(cookie.Value), "Cookie value (signed)")

	// assert the rest of the values were also copied
	assertEqual(t, signedCookie.Path, cookie.Path, "Path")
	assertEqual(t, signedCookie.Domain, cookie.Domain, "Domain")
	assertEqual(t, signedCookie.RawExpires, cookie.RawExpires, "RawExpires")
	assertEqual(t, signedCookie.Expires, cookie.Expires, "Expires")
	assertEqual(t, signedCookie.MaxAge, cookie.MaxAge, "MaxAge")
	assertEqual(t, signedCookie.Secure, cookie.Secure, "Secure")
	assertEqual(t, signedCookie.HttpOnly, cookie.HttpOnly, "HttpOnly")
	assertEqual(t, signedCookie.Raw, cookie.Raw, "Raw")

}