In the Gin framework, use ctx.SetCookie()methods to set cookies. The following is a specific implementation example:
func setCookie(c *gin.Context) {
// 设置Cookie的参数和值
c.SetCookie("my_cookie", "example value", 3600, "/", "localhost", false, true)
// 其他逻辑
}
In this example, we use c.SetCookie()the method to set the cookie. The parameters received by the method are as follows:
- The first parameter is the name of the cookie.
- The second parameter is the value of the cookie.
- The third parameter is the cookie expiration time in seconds. In this example, set the cookie expiration time to 3600 seconds (i.e. 1 hour).
- The fourth parameter is the path of the cookie, specifying the path where the cookie is available. In this example, we set it to the root path "/".
- The fifth parameter is the domain of the cookie, specifying the domain name where the cookie is available. In this example, we set it to "localhost", which means it can only be used in the local test environment.
- The sixth parameter is a Boolean value indicating whether to use HTTPS to send cookies. In this example we set it to false.
- The seventh parameter is a Boolean value indicating whether the SameSite attribute is enabled. In this example we set it to true.
With this setting, the cookie can be sent to the client in the response, and the client will automatically store it and send it back to the server in subsequent requests.
view template
Set cookie value in controller;
func (con AdminControllers) Views(c *gin.Context) {
c.SetCookie("username", "王二妹", 3600, "/", "localhost", false, true)
c.HTML(http.StatusOK, "admin/views/index.html", gin.H{
"title": "views页面",
})
}
Does the cookie exist after the expiration time?
Answer: When the expiration time of a cookie reaches, the browser will no longer send the cookie to the server. In other words, the cookie is considered expired by the browser and is no longer transmitted by the browser.
Although the browser no longer sends an expired cookie, the cookie may still exist in the client's cookie storage. Different browsers have different behaviors. Some browsers will delete the cookie immediately after expiration, while some browsers will retain the expired cookie until the browser cache is cleared or the user actively deletes it.
In server-side code, you cannot directly inspect the client's cookie store. The server will only receive valid cookies sent by the browser (that is, cookies that have not expired).
Therefore, even if the expiration time has been reached, you can still receive the expired cookie on the server side until the browser deletes it.
To avoid processing expired cookies, you can check on the server side whether the received cookie is within the validity period. If it has expired, it will not be processed further.
How to delete the fields set by cookies?
In the Gin framework, to delete a cookie, you can use c.SetCookie() the method and set its expiration time to a timestamp in the past. This will cause the browser to immediately mark the cookie as expired and delete it.
Here is an example:
func deleteCookie(c *gin.Context) {
// 删除名为 "my_cookie" 的 Cookie
c.SetCookie("my_cookie", "", -1, "/", "localhost", false, true)
// 其他逻辑
}
In this example, we use c.SetCookie() the method to delete the cookie named "my_cookie". We set the cookie expiration time -1to indicate that the cookie has expired. We then set the other parameters to be the same as the original cookie, ensuring the browser deletes the correct cookie.
With this setting, the browser will immediately delete the cookie named "my_cookie" when the response is returned to the client.
It should be noted that to correctly delete a Cookie, you must ensure that the parameters in the SetCookie method (such as path, domain name, Secure, SameSite) are completely consistent with the parameters used when setting the Cookie. Only if these parameters match exactly can the browser correctly identify and delete the cookie.
To summarize, to delete a cookie, set its expiration time to a timestamp in the past and c.SetCookie() use the same parameters in the method as the original cookie. This will notify the browser to delete the cookie immediately.
package admins
import (
"fmt"
"net/http"
"os"
"path"
"project/models"
"strconv"
"github.com/gin-gonic/gin"
)
type AdminControllers struct{}
func (con AdminControllers) Index(c *gin.Context) {
c.String(200, "admin后管项目")
}
func (con AdminControllers) PageIndex(c *gin.Context) {
c.HTML(200, "admin/login/index.html", gin.H{
"title": "admin后管项目",
})
}
func (con AdminControllers) Login(c *gin.Context) {
username := c.PostForm("username")
password := c.PostForm("password")
c.String(200, "用户名:=%v,密码:=%v \n", username, password)
// c.HTML(200, "admin/views/index.html", gin.H{
// "title": "viewAdmin页面",
// })
}
func (con AdminControllers) Register(c *gin.Context) {
c.HTML(200, "admin/register/index.html", gin.H{
"title": "注册页面",
})
}
func (con AdminControllers) Views(c *gin.Context) {
c.SetCookie("username", "王二妹", 3600, "/", "localhost", false, true)
c.SetCookie("hobby", "玩游戏,看电视", 5, "/", "localhost", false, true)
// c.String(200, "Views页面")
c.HTML(http.StatusOK, "admin/views/index.html", gin.H{
"title": "views页面",
})
}
func (con AdminControllers) DeteleCookie(c *gin.Context) {
username, err := c.Cookie("username")
// 获取名为 "my_cookie" 的 Cookie
if err == nil {
// 找到了名为 "my_cookie" 的 Cookie
// cookie 变量包含了该 Cookie 的值
fmt.Printf("username==success===%v \n", username)
} else {
// 没有找到名为 "my_cookie" 的 Cookie
c.String(200, "username==error===%v \n", err.Error())
}
c.SetCookie("username", "王二妹", -1, "/", "localhost", false, true)
c.HTML(http.StatusOK, "admin/views/index.html", gin.H{
"title": "views-detelecookie-successfuly",
"username": username,
})
}
Requires admin/views/
Terminal output:
21:2:49 app | [GIN] 2023/06/30 - 21:02:49 | 200 | 7.0073ms | ::1 | GET "/admin/views"
21:2:55 app | username==success===王二妹
21:2:55 app | [GIN] 2023/06/30 - 21:02:55 | 200 | 5.0031ms | ::1 | GET "/admin/views/delete"
21:6:43 app | [GIN] 2023/06/30 - 21:06:43 | 200 | 6.0031ms | ::1 | GET "/admin/views"
21:8:38 app | username==success===王二妹
21:8:38 app | [GIN] 2023/06/30 - 21:08:38 | 200 | 7.0049ms | ::1 | GET "/admin/views/delete"Here you can expand on the issue of accessing cookies with second-level domain names;
In the localhost local environment, go to the host file in C:\Windows\System32\drivers\etc and modify the mapping file;
127.0.0.1 file.
Here you can intuitively see that after modification, different second-level domain names can also access the cookie value under the same localhost.
Regarding the use of Session, it is more about introducing third-party packages ( go get github.com/gin-contrib/sessions/cookie )
The corresponding package needs to be introduced in the code before the corresponding session middleware can be registered in the main() main entry file;
package main
// 引入但三方包 sessions/cookie
// go get github.com/gin-contrib/sessions/cookie
import (
"project/routers"
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
)
func main() {
r := gin.Default()
// Create template for router html template
r.LoadHTMLGlob("*templates/**/**/*")
// 主入口文件 注册 session 中间件
store := cookie.NewStore([]byte("secret")) // 设置 Session 密钥
r.Use(sessions.Sessions("mysession", store))
r.GET("/", func(ctx *gin.Context) {
ctx.JSON(200, gin.H{
"message": "Hello, world!",
})
})
routers.AdminRoutersInit(r)
routers.DefaultRoutersInit(r)
r.Run(":8081")
}
The above is that the registration is successful and the registration is successful in the main entry file main.go file. So what about other parts of the world that are the scope of use? (Usually used in the corresponding controller of the route)
Display case:
defaultControllers.go file
package defaults
import (
"github.com/gin-contrib/sessions"
"github.com/gin-gonic/gin"
)
type DefaultControllers struct {
}
func (con DefaultControllers) Index(c *gin.Context) {
// 创建 session 引擎 传入工作对象
session := sessions.Default(c)
// 设置过期时间
session.Options(sessions.Options{
MaxAge: 3600 * 6, // 6个小时。基础单位秒
})
session.Set("username", "xiaoxiao")
session.Save()
c.String(200, "default-index.html")
}
func (con DefaultControllers) Add(c *gin.Context) {
// 获取 session 值 username
session := sessions.Default(c)
username := session.Get("username")
c.String(200, "default==add.html===%v \n", username)
}
The output result after the code is executed: Set the session value username when routing to /default , and set the session value when routing to /default/add ;
It can be seen that the value of the session here is encrypted. If we are interested, we can check the source code package of sessions.
Remark:
1. sessions.Default(c) Here is the object that generates a sessions middleware
2. Session.Save() must be present at the setting time, otherwise it will not take effect.
At the same time, when calling sessions, the registration storage space we use is the cookie container. We can also use other storage space containers, such as redis...
The container Redis is also a good choice here.
Hope it will be helpful to your study!