From 22902f636039584b2131fa50ad212c264c5497aa Mon Sep 17 00:00:00 2001 From: vCaesar Date: Sat, 10 Jun 2017 11:56:15 +0800 Subject: [PATCH] Format and remove 06.2.md spaces --- zh/06.2.md | 224 ++++++++++++++++++++++++++--------------------------- 1 file changed, 112 insertions(+), 112 deletions(-) diff --git a/zh/06.2.md b/zh/06.2.md index 282d645c..979d56f1 100644 --- a/zh/06.2.md +++ b/zh/06.2.md @@ -34,40 +34,40 @@ session的基本原理是由服务器为每个会话维护一份信息数据, 定义一个全局的session管理器 ```Go - type Manager struct { - cookieName string //private cookiename - lock sync.Mutex // protects session - provider Provider - maxlifetime int64 - } +type Manager struct { + cookieName string //private cookiename + lock sync.Mutex // protects session + provider Provider + maxlifetime int64 +} - func NewManager(provideName, cookieName string, maxlifetime int64) (*Manager, error) { - provider, ok := provides[provideName] - if !ok { - return nil, fmt.Errorf("session: unknown provide %q (forgotten import?)", provideName) - } - return &Manager{provider: provider, cookieName: cookieName, maxlifetime: maxlifetime}, nil +func NewManager(provideName, cookieName string, maxlifetime int64) (*Manager, error) { + provider, ok := provides[provideName] + if !ok { + return nil, fmt.Errorf("session: unknown provide %q (forgotten import?)", provideName) } + return &Manager{provider: provider, cookieName: cookieName, maxlifetime: maxlifetime}, nil +} ``` Go实现整个的流程应该也是这样的,在main包中创建一个全局的session管理器 ```Go - var globalSessions *session.Manager - //然后在init函数中初始化 - func init() { - globalSessions, _ = NewManager("memory","gosessionid",3600) - } +var globalSessions *session.Manager +//然后在init函数中初始化 +func init() { + globalSessions, _ = NewManager("memory","gosessionid",3600) +} ``` 我们知道session是保存在服务器端的数据,它可以以任何的方式存储,比如存储在内存、数据库或者文件中。因此我们抽象出一个Provider接口,用以表征session管理器底层存储结构。 ```Go - type Provider interface { - SessionInit(sid string) (Session, error) - SessionRead(sid string) (Session, error) - SessionDestroy(sid string) error - SessionGC(maxLifeTime int64) - } +type Provider interface { + SessionInit(sid string) (Session, error) + SessionRead(sid string) (Session, error) + SessionDestroy(sid string) error + SessionGC(maxLifeTime int64) +} ``` - SessionInit函数实现Session的初始化,操作成功则返回此新的Session变量 - SessionRead函数返回sid所代表的Session变量,如果不存在,那么将以sid为参数调用SessionInit函数创建并返回一个新的Session变量 @@ -77,31 +77,31 @@ Go实现整个的流程应该也是这样的,在main包中创建一个全局 那么Session接口需要实现什么样的功能呢?有过Web开发经验的读者知道,对Session的处理基本就 设置值、读取值、删除值以及获取当前sessionID这四个操作,所以我们的Session接口也就实现这四个操作。 ```Go - type Session interface { - Set(key, value interface{}) error //set session value - Get(key interface{}) interface{} //get session value - Delete(key interface{}) error //delete session value - SessionID() string //back current sessionID - } +type Session interface { + Set(key, value interface{}) error //set session value + Get(key interface{}) interface{} //get session value + Delete(key interface{}) error //delete session value + SessionID() string //back current sessionID +} ``` >以上设计思路来源于database/sql/driver,先定义好接口,然后具体的存储session的结构实现相应的接口并注册后,相应功能这样就可以使用了,以下是用来随需注册存储session的结构的Register函数的实现。 ```Go - var provides = make(map[string]Provider) +var provides = make(map[string]Provider) - // Register makes a session provide available by the provided name. - // If Register is called twice with the same name or if driver is nil, - // it panics. - func Register(name string, provider Provider) { - if provider == nil { - panic("session: Register provide is nil") - } - if _, dup := provides[name]; dup { - panic("session: Register called twice for provide " + name) - } - provides[name] = provider +// Register makes a session provide available by the provided name. +// If Register is called twice with the same name or if driver is nil, +// it panics. +func Register(name string, provider Provider) { + if provider == nil { + panic("session: Register provide is nil") } + if _, dup := provides[name]; dup { + panic("session: Register called twice for provide " + name) + } + provides[name] = provider +} ``` ### 全局唯一的Session ID @@ -109,49 +109,49 @@ Session ID是用来识别访问Web应用的每一个用户,因此必须保证 ```Go - func (manager *Manager) sessionId() string { - b := make([]byte, 32) - if _, err := io.ReadFull(rand.Reader, b); err != nil { - return "" - } - return base64.URLEncoding.EncodeToString(b) +func (manager *Manager) sessionId() string { + b := make([]byte, 32) + if _, err := io.ReadFull(rand.Reader, b); err != nil { + return "" } + return base64.URLEncoding.EncodeToString(b) +} ``` ### session创建 我们需要为每个来访用户分配或获取与他相关连的Session,以便后面根据Session信息来验证操作。SessionStart这个函数就是用来检测是否已经有某个Session与当前来访用户发生了关联,如果没有则创建之。 ```Go - func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (session Session) { - manager.lock.Lock() - defer manager.lock.Unlock() - cookie, err := r.Cookie(manager.cookieName) - if err != nil || cookie.Value == "" { - sid := manager.sessionId() - session, _ = manager.provider.SessionInit(sid) - cookie := http.Cookie{Name: manager.cookieName, Value: url.QueryEscape(sid), Path: "/", HttpOnly: true, MaxAge: int(manager.maxlifetime)} - http.SetCookie(w, &cookie) - } else { - sid, _ := url.QueryUnescape(cookie.Value) - session, _ = manager.provider.SessionRead(sid) - } - return +func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (session Session) { + manager.lock.Lock() + defer manager.lock.Unlock() + cookie, err := r.Cookie(manager.cookieName) + if err != nil || cookie.Value == "" { + sid := manager.sessionId() + session, _ = manager.provider.SessionInit(sid) + cookie := http.Cookie{Name: manager.cookieName, Value: url.QueryEscape(sid), Path: "/", HttpOnly: true, MaxAge: int(manager.maxlifetime)} + http.SetCookie(w, &cookie) + } else { + sid, _ := url.QueryUnescape(cookie.Value) + session, _ = manager.provider.SessionRead(sid) } + return +} ``` 我们用前面login操作来演示session的运用: ```Go - func login(w http.ResponseWriter, r *http.Request) { - sess := globalSessions.SessionStart(w, r) - r.ParseForm() - if r.Method == "GET" { - t, _ := template.ParseFiles("login.gtpl") - w.Header().Set("Content-Type", "text/html") - t.Execute(w, sess.Get("username")) - } else { - sess.Set("username", r.Form["username"]) - http.Redirect(w, r, "/", 302) - } +func login(w http.ResponseWriter, r *http.Request) { + sess := globalSessions.SessionStart(w, r) + r.ParseForm() + if r.Method == "GET" { + t, _ := template.ParseFiles("login.gtpl") + w.Header().Set("Content-Type", "text/html") + t.Execute(w, sess.Get("username")) + } else { + sess.Set("username", r.Form["username"]) + http.Redirect(w, r, "/", 302) } +} ``` ### 操作值:设置、读取和删除 SessionStart函数返回的是一个满足Session接口的变量,那么我们该如何用他来对session数据进行操作呢? @@ -159,25 +159,25 @@ SessionStart函数返回的是一个满足Session接口的变量,那么我们 上面的例子中的代码`session.Get("uid")`已经展示了基本的读取数据的操作,现在我们再来看一下详细的操作: ```Go - func count(w http.ResponseWriter, r *http.Request) { - sess := globalSessions.SessionStart(w, r) - createtime := sess.Get("createtime") - if createtime == nil { - sess.Set("createtime", time.Now().Unix()) - } else if (createtime.(int64) + 360) < (time.Now().Unix()) { - globalSessions.SessionDestroy(w, r) - sess = globalSessions.SessionStart(w, r) - } - ct := sess.Get("countnum") - if ct == nil { - sess.Set("countnum", 1) - } else { - sess.Set("countnum", (ct.(int) + 1)) - } - t, _ := template.ParseFiles("count.gtpl") - w.Header().Set("Content-Type", "text/html") - t.Execute(w, sess.Get("countnum")) +func count(w http.ResponseWriter, r *http.Request) { + sess := globalSessions.SessionStart(w, r) + createtime := sess.Get("createtime") + if createtime == nil { + sess.Set("createtime", time.Now().Unix()) + } else if (createtime.(int64) + 360) < (time.Now().Unix()) { + globalSessions.SessionDestroy(w, r) + sess = globalSessions.SessionStart(w, r) } + ct := sess.Get("countnum") + if ct == nil { + sess.Set("countnum", 1) + } else { + sess.Set("countnum", (ct.(int) + 1)) + } + t, _ := template.ParseFiles("count.gtpl") + w.Header().Set("Content-Type", "text/html") + t.Execute(w, sess.Get("countnum")) +} ``` 通过上面的例子可以看到,Session的操作和操作key/value数据库类似:Set、Get、Delete等操作 @@ -187,36 +187,36 @@ SessionStart函数返回的是一个满足Session接口的变量,那么我们 我们知道,Web应用中有用户退出这个操作,那么当用户退出应用的时候,我们需要对该用户的session数据进行销毁操作,上面的代码已经演示了如何使用session重置操作,下面这个函数就是实现了这个功能: ```Go - //Destroy sessionid - func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request){ - cookie, err := r.Cookie(manager.cookieName) - if err != nil || cookie.Value == "" { - return - } else { - manager.lock.Lock() - defer manager.lock.Unlock() - manager.provider.SessionDestroy(cookie.Value) - expiration := time.Now() - cookie := http.Cookie{Name: manager.cookieName, Path: "/", HttpOnly: true, Expires: expiration, MaxAge: -1} - http.SetCookie(w, &cookie) - } +//Destroy sessionid +func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request){ + cookie, err := r.Cookie(manager.cookieName) + if err != nil || cookie.Value == "" { + return + } else { + manager.lock.Lock() + defer manager.lock.Unlock() + manager.provider.SessionDestroy(cookie.Value) + expiration := time.Now() + cookie := http.Cookie{Name: manager.cookieName, Path: "/", HttpOnly: true, Expires: expiration, MaxAge: -1} + http.SetCookie(w, &cookie) } +} ``` ### session销毁 我们来看一下Session管理器如何来管理销毁,只要我们在Main启动的时候启动: ```Go - func init() { - go globalSessions.GC() - } +func init() { + go globalSessions.GC() +} - func (manager *Manager) GC() { - manager.lock.Lock() - defer manager.lock.Unlock() - manager.provider.SessionGC(manager.maxlifetime) - time.AfterFunc(time.Duration(manager.maxlifetime), func() { manager.GC() }) - } +func (manager *Manager) GC() { + manager.lock.Lock() + defer manager.lock.Unlock() + manager.provider.SessionGC(manager.maxlifetime) + time.AfterFunc(time.Duration(manager.maxlifetime), func() { manager.GC() }) +} ``` 我们可以看到GC充分利用了time包中的定时器功能,当超时`maxLifeTime`之后调用GC函数,这样就可以保证`maxLifeTime`时间内的session都是可用的,类似的方案也可以用于统计在线用户数之类的。