feat(auth): 优化退出登录功能并集成配置中心

- 在退出登录时使用配置中心的 session 选项
- 清除用户 session 数据并保存更改
- 将 session 配置移至 config 包,提高可维护性
高手 2025-02-16 10:19:29 +08:00
parent fbed496bed
commit b5788cd8b5
3 changed files with 41 additions and 10 deletions

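--- a/gateway/config/session.go
+++ b/gateway/config/session.go
@@ -0,0 +1,30 @@
+package config
+import (
+"net/http"
+"github.com/gin-contrib/sessions"
+"github.com/gin-contrib/sessions/cookie"
+)
+// InitSessionStore 初始化session存储
+func InitSessionStore() sessions.Store {
+store := cookie.NewStore([]byte("secret"))
+store.Options(sessions.Options{
+MaxAge: 86400 * 7,
+HttpOnly: true,
+Secure: false, // 如果是HTTPS需要设为true
+SameSite: http.SameSiteLaxMode, // 允许跨站携带cookie
+})
+return store
+}
+// 退出登录时立即使客户端cookie过期
+func GetLogoutSessionOptions() sessions.Options {
+return sessions.Options{
+Path: "/", // cookie的路径
+MaxAge: -1, // 立即使cookie过期
+Secure: false, // 如果是HTTPS需要设为true
+HttpOnly: true, // 防止JS访问
+}
+}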
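Review bot: `cookie.NewStore([]byte("secret"))` in InitSessionStore keys the cookie store with a literal that is committed to the repository, and with a cookie-backed store that key is the only thing vouching for the session contents the server reads back, so the integrity guarantee holds only while the key stays private. Load the key from deployment configuration and refuse to start when it is missing or too short, e.g. `key := os.Getenv("SESSION_KEY") // placeholder variable name` followed by a length check before `cookie.NewStore([]byte(key))`. `Secure: false` is also fixed in both option sets; deriving it from one configuration value would keep the login and logout cookies in step once the gateway is served over HTTPS. The comment on `SameSite: http.SameSiteLaxMode` would be more accurate as `// sent cross-site only on top-level navigation`, and the doc comment on GetLogoutSessionOptions should begin with the function name.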


@ -6,6 +6,7 @@ import (
"strconv" "strconv"
"strings" "strings"
"gateway/config"
"gateway/models" "gateway/models"
"gateway/utils" "gateway/utils"
@ -138,12 +139,20 @@ func PostRegister(db *gorm.DB) gin.HandlerFunc {
func Logout(c *gin.Context) { func Logout(c *gin.Context) {
session := sessions.Default(c) session := sessions.Default(c)
// 使用配置中的session选项
session.Options(config.GetLogoutSessionOptions())
// 清除session数据
session.Clear() session.Clear()
// 保存更改
if err := session.Save(); err != nil { if err := session.Save(); err != nil {
utils.Logger.Errorf("退出登录失败: %v", err) utils.Logger.Errorf("退出登录失败: %v", err)
c.HTML(http.StatusInternalServerError, "error.html", gin.H{"error": "退出登录失败"}) c.HTML(http.StatusInternalServerError, "error.html", gin.H{"error": "退出登录失败"})
return return
} }
c.Redirect(http.StatusSeeOther, "/login") c.Redirect(http.StatusSeeOther, "/login")
} }
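Review bot: Logout only instructs the browser to drop the cookie (`session.Clear()` plus `MaxAge: -1`); because the store built in gateway/config/session.go is cookie-backed, the server keeps no session record, so a cookie value copied before logout would presumably still validate until its seven-day `MaxAge` window ends. If logout is meant to end the session on the server as well, the auth middleware needs something to check, such as a per-user session version stored in the database and bumped here, or a server-side session store. Separately, the logout options set `Path: "/"` while the options in InitSessionStore set no `Path`, so a cookie issued with a narrower default path may not be overwritten by this deletion; adding `Path: "/"` to the store options would make the two match. Logout's body is fully visible in this hunk, but the middleware that reads the session is not.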


@ -1,15 +1,13 @@
package main package main
import ( import (
"net/http" "gateway/config"
"gateway/handlers" "gateway/handlers"
"gateway/middleware" "gateway/middleware"
"gateway/models" "gateway/models"
"gateway/utils" "gateway/utils"
"github.com/gin-contrib/sessions" "github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/jinzhu/gorm" "github.com/jinzhu/gorm"
_ "github.com/jinzhu/gorm/dialects/sqlite" _ "github.com/jinzhu/gorm/dialects/sqlite"
@ -36,13 +34,7 @@ func main() {
r.LoadHTMLGlob("templates/*") r.LoadHTMLGlob("templates/*")
// 配置 Session 中间件 // 配置 Session 中间件
store := cookie.NewStore([]byte("secret")) store := config.InitSessionStore()
store.Options(sessions.Options{
MaxAge: 86400 * 7,
HttpOnly: true,
Secure: false, // 如果是HTTPS需要设为true
SameSite: http.SameSiteLaxMode, // 允许跨站携带cookie
})
r.Use(sessions.Sessions("mysession", store)) r.Use(sessions.Sessions("mysession", store))
// 路由配置 // 路由配置