This is the code repository for the Go Web Programming book
sausheong / gwp Goto Github PK
View Code? Open in Web Editor NEWGo Web Programming code repository
Go Web Programming code repository
1.The way getting cookie in logout function can not get the cookie.
2.Because the way setting cookie in authenticate function did not set the path, and it was automatically set to "/authenticate".
3.And the logout function is serving in the path -- "/logout". So the server can't get the cookie in path -- "/authenticate".
4.My way to solve this problem is to set the path to "/logout" in authenticate function, that works.
5.I wonder is that a right or good way to solve this problem ? And what is the best way?
Cannot register a user when i build the application
When run e:\code\github\gwp\Chapter_7_Creating_Web_Services\web_service>go run server.go
got an error:
# command-line-arguments
.\server.go:50:15: undefined: retrieve
.\server.go:71:12: post.create undefined (type Post has no field or method create)
.\server.go:86:15: undefined: retrieve
.\server.go:109:15: undefined: retrieve
Chapter_6_Storing_Data/sql_store1/store.go
// get all posts
func Posts(limit int) (posts []Post, err error) {
rows, err := Db.Query("select id, content, author from posts limit $1", limit)
if err != nil {
return
}
for rows.Next() {
post := Post{}
err = rows.Scan(&post.Id, &post.Content, &post.Author)
if err != nil {
return ### //here return will cause rows can not close, I think it shoud be using "break"
}
posts = append(posts, post)
}
rows.Close()
return
}
Hello Sau Sheong Chang,
Congratulations for the book, it's very useful.
The logout
function in the book always triggers the warning
and doesn't delete the browser cookie:
func logout(writer http.ResponseWriter, request *http.Request) {
cookie, err := request.Cookie("_cookie")
if err != http.ErrNoCookie {
warning(err, "Failed to get cookie")
session := data.Session{Uuid: cookie.Value}
session.DeleteByUUID()
}
http.Redirect(writer, request, "/", 302)
}
A possible solution could be:
func logout(writer http.ResponseWriter, request *http.Request) {
cookie, err := request.Cookie("_cookie")
if err != http.ErrNoCookie {
session := data.Session{Uuid: cookie.Value}
session.DeleteByUUID()
cookie.MaxAge = -1
cookie.Expires = time.Unix(1, 0)
http.SetCookie(writer, cookie)
} else {
warning(err, "Failed to get cookie")
}
http.Redirect(writer, request, "/", 302)
}
./main.go:9:2: undefined: p
./main.go:9:16: undefined: version
./main.go:9:41: undefined: config
./main.go:13:36: undefined: config
./main.go:22:22: undefined: index
./main.go:24:25: undefined: err
./main.go:27:27: undefined: login
./main.go:28:28: undefined: logout
./main.go:29:28: undefined: signup
./main.go:30:36: undefined: signupAccount
./main.go:30:36: too many errors
Hi,
On the following line:
The method is named Encrypt instead of Hash. I understand it wouldn't be possible to solve this now, however for future revisions of this book I think changing the name to be more accurate is important.
Do you think it would be more educational to use http://stackoverflow.com/a/23259804 as an example of generating a hashed password and then comparing the password provided by chitchat user to the previously hashed password here https://github.com/sausheong/gwp/blob/master/Chapter_2_Go_ChitChat/chitchat/route_auth.go#L48
Another suggestion, could you add CSRF protection to the ChitChat example or at least address it in the book somewhere (preferably session based one: CSRF token from the form's POST value or HTTP request's CSRF header value, has to match CSRF token in the session store)
This way basic security protection is covered.
hi, sau sheong chang.
I could not make sense where {{ User.Name }}
comes from. Where does it come from?
https://github.com/sausheong/gwp/blob/master/Chapter_2_Go_ChitChat/chitchat/templates/index.html#L12
Supposingly it is binding Thread.UserId and User.Id. but I could not find out where it is binding them.
where are the function define?
mux.HandleFunc("/err", err)
// defined in route_auth.go
mux.HandleFunc("/login", **login**)
mux.HandleFunc("/logout", **logout**)
mux.HandleFunc("/signup", **signup**)
mux.HandleFunc("/signup_account", **signupAccount**)
mux.HandleFunc("/authenticate", **authenticate**)
// defined in route_thread.go
mux.HandleFunc("/thread/new", **newThread**)
mux.HandleFunc("/thread/create", **createThread**)
mux.HandleFunc("/thread/post", **postThread**)
mux.HandleFunc("/thread/read", **readThread**)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.