taoshihan 2 days ago
parent 29b2115f5d
commit 72aa51c9b4

@ -56,9 +56,8 @@ func run() {
// Gin engine setup
engine := gin.Default()
engine.LoadHTMLGlob("static/templates/*")
engine.Static("/assets", "./static")
engine.Static("/static", "./static")
engine.Use(tools.Session("gofly"))
engine.Use(middleware.SessionHandler())
engine.Use(middleware.CrossSite)
// Middlewares

@ -0,0 +1,30 @@
package middleware
import (
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
"net/http"
)
// SessionHandler 创建并返回会话中间件
func SessionHandler() gin.HandlerFunc {
store := SessionConfig()
return sessions.Sessions("GOFLY", store)
}
// SessionConfig 配置会话存储
func SessionConfig() sessions.Store {
sessionMaxAge := 3600
sessionSecret := "GOFLY"
store := cookie.NewStore([]byte(sessionSecret))
store.Options(sessions.Options{
MaxAge: sessionMaxAge, // seconds
Path: "/",
HttpOnly: true, // 建议添加防止XSS攻击
Secure: true, // 生产环境建议启用要求HTTPS
SameSite: http.SameSiteLaxMode, // 防止CSRF攻击
})
return store
}

@ -1,24 +0,0 @@
package tools
import (
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
)
// 中间件处理session
func Session(keyPairs string) gin.HandlerFunc {
store := SessionConfig()
return sessions.Sessions(keyPairs, store)
}
func SessionConfig() sessions.Store {
sessionMaxAge := 3600
sessionSecret := "gofly"
var store sessions.Store
store = cookie.NewStore([]byte(sessionSecret))
store.Options(sessions.Options{
MaxAge: sessionMaxAge, //seconds
Path: "/",
})
return store
}
Loading…
Cancel
Save