Mirrors/kararas_iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2026-03-08 01:16:30 +00:00
Code Releases Activity

Implement feature request: http://support.iris-go.com/d/29-mark-cookie-for-session-as-secure

Browse Source 
Example:

app := iris.New()
app.Adapt(httprouter.New())
// IMPORTANT
cookieName := "mycustomsessionid"
// AES only supports key sizes of 16, 24 or 32 bytes.
// You either need to provide exactly that amount or you derive the key
from what you type in.
hashKey := []byte("the-big-and-secret-fash-key-here")
blockKey := []byte("lot-secret-of-characters-big-too")
secureCookie := securecookie.New(hashKey, blockKey)

app.Adapt(sessions.New(sessions.Config{
Cookie: cookieName,
Encode: secureCookie.Encode,
Decode: secureCookie.Decode,
}))

Former-commit-id: 6fe5ce6cb834d55862242e08405fad4e721caa5b
This commit is contained in:
Gerasimos (Makis) Maropoulos
2017-03-18 12:22:20 +02:00
parent 549c8eba10
commit d51c0b7b50
5 changed files with 213 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
context.go
View File

@@ -269,6 +269,34 @@ func (ctx *Context) GetHandlerName() string {
return runtime.FuncForPC(reflect.ValueOf(ctx.Middleware[len(ctx.Middleware)-1]).Pointer()).Name()
}
// ParamValidate receives a compiled Regexp and execute a parameter's value
// against this regexp, returns true if matched or param not found, otherwise false.
//
// It accepts a compiled regexp to reduce the performance cost on serve time.
// If you need a more automative solution, use the `app.Regex` or `app.RegexSingle` instead.
//
// This function helper is ridiculous simple but it's good to have it on one place.
func (ctx *Context) ParamValidate(compiledExpr *regexp.Regexp, paramName string) bool {
pathPart := ctx.Param(paramName)
if pathPart == "" {
// take care, the router already
// does the param validations
// so if it's empty here it means that
// the router has label it as optional.
// so we skip the check.
return true
}
if pathPart[0] == '/' {
// it's probably wildcard, we 'should' remove that part to do the matching below
pathPart = pathPart[1:]
}
// the improtant thing:
// if the path part didn't match with the relative exp, then fire status not found.
return compiledExpr.MatchString(pathPart)
}
// ExecRoute calls any route (mostly "offline" route) like it was requested by the user, but it is not.
// Offline means that the route is registered to the iris and have all features that a normal route has
// BUT it isn't available by browsing, its handlers executed only when other handler's context call them