사용한 패키지는 아래와 같다.
routing package chi - go get -u github.com/go-chi/chi/v5
middleware, CSRF - go get github.com/justinas/nosurf
session managing - go get go get github.com/alexedwards/scs/v2
routes.go
func routes() http.Handler {
mux := chi.NewRouter()
mux.Use(middleware.Recoverer) // chi's sub package
mux.Use(NoSurf) // CSRF protection from middleware.go
mux.Use(SessionLoad) // session protection from middleware.go
mux.Get("/", "해당웹페이지")
mux.Get("/about", "해당웹페이지")
return mux
}
middleware.go - CSRF, session
// NoSurf andds CSRF protection to all POST requests
func NoSurf(next http.Handler) http.Handler {
log.Println("call NoSurf")
csrfHandler := nosurf.New(next)
csrfHandler.SetBaseCookie(http.Cookie{
HttpOnly: true,
Path: "/",
Secure: app.InProduction,
SameSite: http.SameSiteDefaultMode,
})
return csrfHandler
}
// SessionLoad loads and saves the session on every requests
func SessionLoad(next http.Handler) http.Handler {
log.Println("call SessionLoad")
return session.LoadAndSave(next)
}
main.go
const portNumber = ":3000"
var session *scs.SessionManager
// change this to true wehn in production
app.InProduction = false
session = scs.New()
session.Lifetime = 24 * time.Hour
session.Cookie.Persist = true
session.Cookie.SameSite = http.SameSiteLaxMode
session.Cookie.Secure = false
svr := &http.Server{
Addr: portNumber,
Handler: routes(&app), // from routes.go
}
err = svr.ListenAndServe()
소스코드 - [https://github.com/mike-bskim/booking/releases/tag/session] 하위폴더중 "bookings-31" 가 해당 버전임.
'GO lang > Toy - booking' 카테고리의 다른 글
[GO] Booking - HTML rendering (0) | 2021.11.27 |
---|