我有以下路由和会话设置:
func SetupRouter() *gin.Engine {
r := gin.Default()
// Session
store := cookie.NewStore([]byte("secret"))
// Set session expiration time
store.Options(sessions.Options{MaxAge: 3600 * 24}) // 24hr
r.Use(sessions.Sessions("mysession", store))
r.GET("api/business/", controllers.GetBusiness)
r.POST("api/business/login", controllers.Login)
r.GET("api/business/logout", controllers.Logout)
r.GET("api/business/session", controllers.GetBusinessSession)
r.POST(
"api/itemcategory/add",
// isBusinessAuth(),
controllers.CreateItemCategory,
)
r.POST(
"api/itemcategory/delete/:id",
// isBusinessAuth(),
controllers.DeleteItemCategory,
)
r.GET(
"api/itemcategory/all",
// isBusinessAuth(),
controllers.GetAllItemCategories,
)
r.POST(
"api/itemcategory/update/:id",
// isBusinessAuth(),
controllers.CreateItemCategory,
)
return r
}
isBusinessAuth()
函数:
func isBusinessAuth() gin.HandlerFunc {
return func(c *gin.Context) {
if sessions.Default(c).Get("businessAuth") == 1 {
c.Next()
return
} else {
c.JSON(http.StatusUnauthorized, gin.H{"error": "You are not authorized!"})
}
c.Abort()
return
}
}
这是在登录函数中放置会话的方式:
// Set business session
session.Set("businessAuth", 1)
session.Save()
无论会话具有什么值,isBusinessAuth()
都会为所有使用的路由返回“您未被授权”。我试图将它放在“/api/business/login”和“/api/business/session”路由上,并且按预期工作。我错过了什么?
谢谢:)