[GO] Booking - routing, middleware, session packages

사용한 패키지는 아래와 같다.

routing package chi - go get -u github.com/go-chi/chi/v5
middleware, CSRF - go get github.com/justinas/nosurf
session managing - go get go get github.com/alexedwards/scs/v2

 

 

routes.go

 

func routes() http.Handler {
	mux := chi.NewRouter()
	mux.Use(middleware.Recoverer) 	// chi's sub package
	mux.Use(NoSurf)               	// CSRF protection from middleware.go
	mux.Use(SessionLoad)		// session protection from middleware.go

	mux.Get("/", "해당웹페이지")
	mux.Get("/about", "해당웹페이지")

	return mux
}

 

middleware.go - CSRF, session

 

// NoSurf andds CSRF protection to all POST requests
func NoSurf(next http.Handler) http.Handler {
	log.Println("call NoSurf")
	csrfHandler := nosurf.New(next)

	csrfHandler.SetBaseCookie(http.Cookie{
		HttpOnly: true,
		Path:     "/",
		Secure:   app.InProduction,
		SameSite: http.SameSiteDefaultMode,
	})

	return csrfHandler
}

// SessionLoad loads and saves the session on every requests
func SessionLoad(next http.Handler) http.Handler {
	log.Println("call SessionLoad")
	return session.LoadAndSave(next)
}

 

main.go

 

const portNumber = ":3000"
var session *scs.SessionManager

// change this to true wehn in production
app.InProduction = false

session = scs.New()
session.Lifetime = 24 * time.Hour
session.Cookie.Persist = true
session.Cookie.SameSite = http.SameSiteLaxMode
session.Cookie.Secure = false

svr := &http.Server{
	Addr:    portNumber,
	Handler: routes(&app),		// from routes.go
}
err = svr.ListenAndServe()

 

소스코드 - [https://github.com/mike-bskim/booking/releases/tag/session] 하위폴더중 "bookings-31" 가 해당 버전임.