lostecho/build-web-application-with-golang
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merging other languages

Browse Source
This commit is contained in:
James Miranda
2016-09-23 18:01:10 -03:00
parent 380a8ee74c
commit de3c5bdaa4
490 changed files with 24539 additions and 24588 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
en/06.0.md
View File

@@ -1,12 +1,11 @@
# 6 session和数据存储
Web开发中一个很重要的议题就是如何做好用户的整个浏览过程的控制因为HTTP协议是无状态的所以用户的每一次请求都是无状态的我们不知道在整个Web操作过程中哪些连接与该用户有关我们应该如何来解决这个问题呢Web里面经典的解决方案是cookie和sessioncookie机制是一种客户端机制把用户数据保存在客户端而session机制是一种服务器端的机制服务器使用一种类似于散列表的结构来保存信息每一个网站访客都会被分配给一个唯一的标志符,即sessionID,它的存放形式无非两种:要么经过url传递,要么保存在客户端的cookies里.当然,你也可以将Session保存到数据库里,这样会更安全,但效率方面会有所下降。
6.1小节里面讲介绍session机制和cookie机制的关系和区别6.2讲解Go语言如何来实现session里面讲实现一个简易的session管理器6.3小节讲解如何防止session被劫持的情况如何有效的保护session。我们知道session其实可以存储在任何地方6.3小节里面实现的session是存储在内存中的但是如果我们的应用进一步扩展了要实现应用的session共享那么我们可以把session存储在数据库中(memcache或者redis)6.4小节将详细的讲解如何实现这些功能。
## 目录
![](images/navi6.png?raw=true)
## links
* [目录](<preface.md>)
* 上一章: [第五章总结](<05.7.md>)
* 下一节: [session和cookie](<06.1.md>)
# 6 Data storage and sessions
An important topic in web development is providing a good user experience, but the fact that HTTP is a stateless protocol seems contrary to this spirit. How can we control the whole process of viewing websites for users? The classic solutions are using cookies and sessions, where cookies serve as the client side mechanism and sessions are saved on the server side with a unique identifier for every single user. Note that sessions can be passed in URLs or cookies, or even in your database (which is much more secure, but may hamper your application performance).
In section 6.1, we are going to talk about differences between cookies and sessions. In section 6.2, you'll learn how to use sessions in Go with an implementation of a session manager. In section 6.3, we will talk about session hijacking and how to prevent it when you know that sessions can be saved anywhere. The session manager we will implement in section 6.3 will save sessions in memory, but if we need to expand our application to allow for session sharing, it's always better to save these sessions directly into our database. We'll talk more about this in section 6.4.
## Links
- [Directory](preface.md)
- Previous Chapter: [Chapter 5 Summary](05.7.md)
- Next section: [Session and cookies](06.1.md)