I have a registration page with two handlers, one for displaying the form, one for processing a form submission.
I am trying to use a session.AddFlash method to save an error, then do 302 redirect back to the registration form and display the error.
I set up a session store:
package web
import (
"github.com/gorilla/sessions"
)
var sessionStore = sessions.NewCookieStore([]byte(sessionSecret))
Then my handlers look like this:
package web
import (
"html/template"
"log"
"net/http"
)
func registerForm(w http.ResponseWriter, r *http.Request) {
session, err := sessionStore.Get(r, "mysession")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data := map[string]interface{}{}
log.Print("Flashes: ")
log.Print(session.Flashes())
if flashes := session.Flashes(); len(flashes) > 0 {
data["error"] = flashes[0]
}
tmpl, _ := template.ParseFiles("web/templates/register.html.tmpl")
tmpl.Execute(w, data)
}
func register(w http.ResponseWriter, r *http.Request) {
session, err := sessionStore.Get(r, "mysession")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
r.ParseForm()
username := r.Form["username"][0]
password := r.Form["password"][0]
if UserExists(username) {
log.Print("Username already taken")
session.AddFlash("Username already taken")
http.Redirect(w, r, "/web/register", http.StatusFound)
return
}
_, err = CreateUser(username, password)
log.Print(err)
if err != nil {
session.AddFlash(err.Error())
http.Redirect(w, r, "/web/register", http.StatusFound)
return
}
http.Redirect(w, r, "/web/login", http.StatusFound)
}
By adding logs I can see that UserExists returns true therefor a flash message should be added however after redirection to the form handler there is no flash message saved in the session.
I think you have to save the session before you redirect.
session.Save(r, w)
http://www.gorillatoolkit.org/pkg/sessions#Session.Save
Related
This is code snippet from a file called upload.go.
I tried a lot of ways to redirect to another pages. I want to redirect to another page when the statements in POST are completed running.
package main
import (
"fmt"
"io"
"net/http"
"os"
"text/template"
)
func upload(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
// GET
t, _ := template.ParseFiles("upload.gtpl")
t.Execute(w, nil)
} else if r.Method == "POST" {
// Post
file, handler, err := r.FormFile("uploadfile")
if err != nil {
fmt.Println(err)
return
}
defer file.Close()
fmt.Fprintf(w, "%v", handler.Header)
f, err := os.OpenFile("./test/"+handler.Filename, os.O_WRONLY|os.O_CREATE, 0666)
if err != nil {
fmt.Println(err)
return
}
defer f.Close()
io.Copy(f, file)
img, err := imgio.Open("./test/" + handler.Filename)
if err != nil {
panic(err)
}
inverted := effect.Invert(img)
if err := imgio.Save("filename.png", inverted, imgio.PNGEncoder()); err != nil {
panic(err)
}
fmt.Fprintf(w, "%v", handler.Header)
http.Redirect(w, r, "www.google.com", http.StatusMovedPermanently)
} else {
fmt.Println("Unknown HTTP " + r.Method + " Method")
}
}
func main() {
http.HandleFunc("/upload", upload)
http.HandleFunc("/hi", func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hi")
http.Redirect(w, r, "www.google.com", http.StatusMovedPermanently)
})
http.ListenAndServe(":9090", nil) // setting listening port
}
It stays on the upload page what ever I do. Can anyone help me debug this?
Your code is writing to the ResponseWriter before trying to send a redirect.
Upon the first write to the ResponseWriter, the status code (200 OK) and headers are sent, if they haven't already been sent, and then the data you passed to the writer.
If you intend to send an HTTP redirect, you can't write any response body to the ResponseWriter. From reading your code, it doesn't make much sense why you are writing to it in the first place. They look like debugging print statements, which you probably ought to send to os.Stderr or a logger instead of the web page response body.
If you need to redirect after posting a form, you need to set the status to http.StatusSeeOther (303)
For example:
http.Redirect(w, r, "/index", http.StatusSeeOther)
I am new to Golang. I have made a demo app for practice in which i have login register and homepage. When i go to login page it redirects to home page . I am not understanding what is happening.
This is my go code
package main
import (
"database/sql"
"fmt"
"net/http"
_ "github.com/go-sql-driver/mysql"
"golang.org/x/crypto/bcrypt"
)
var db *sql.DB
var err error
func signupPage(res http.ResponseWriter, req *http.Request) {
fmt.Println("entered Signup")
if req.Method != "POST" {
http.ServeFile(res, req, "template/signup.html")
return
}
email := req.FormValue("email")
password := req.FormValue("password")
var user string
err := db.QueryRow("SELECT email FROM users WHERE email=?", email).Scan(&user)
switch {
case err == sql.ErrNoRows:
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
http.Error(res, "Server error, unable to create your account.", 500)
return
}
_, err = db.Exec("INSERT INTO users(email, password) VALUES(?, ?)", email, hashedPassword)
if err != nil {
http.Error(res, "Server error, unable to create your account.", 500)
}
res.Write([]byte("User Registered Successfully"))
return
case err != nil:
http.Error(res, "Server error, unable to create your account.", 500)
return
default:
http.Redirect(res, req, "/", 301)
}
}
func loginPage(res http.ResponseWriter, req *http.Request) {
fmt.Println("Entered login")
if req.Method != "POST" {
http.ServeFile(res, req, "template/login.html")
return
}
email := req.FormValue("email")
password := req.FormValue("password")
var dbemail string
var dbpassword string
err := db.QueryRow("SELECT email, password FORM users WHERE email=?", email).Scan(&dbemail, &dbpassword)
if err != nil {
http.Redirect(res, req, "/login", 301)
return
}
err = bcrypt.CompareHashAndPassword([]byte(dbpassword), []byte(password))
if err != nil {
http.Redirect(res, req, "/login", 301)
return
}
res.Write([]byte("Hello" + dbemail))
}
func homePage(res http.ResponseWriter, req *http.Request) {
http.ServeFile(res, req, "template/landing.html")
}
func main() {
db, err = sql.Open("mysql", "root:password#/golang_demo")
if err != nil {
panic(err.Error())
} else {
fmt.Println("Database connected successfully")
}
defer db.Close()
err = db.Ping()
if err != nil {
panic(err.Error())
}
http.HandleFunc("/login", loginPage)
http.HandleFunc("/", homePage)
http.HandleFunc("/signup", signupPage)
http.ListenAndServe(":9090", nil)
}
When i go to signup page it goes successfully. But when i go to login page it is redirecting me to home page. Please help!
This is just an educated guess, since from the code I am seeing it doesn't look like that should happen. Since you are using 301 redirects (Moved Permanently), I would guess that at some point in writing your function and testing it, you did a redirect to the home page. Since it is "moved permanently", the browser now doesn't even ask the server if it should redirect when it sees that URL, it just does it.
If you're in chrome, open the dev tools, and disabling the cache should resolve it. Or even better, try it in a different browser that you haven't used on this site yet, and see if it works there.
I need to have a custom not found html page. Here is what I've tried:
package main
import (
"net/http"
"github.com/julienschmidt/httprouter"
)
func main() {
r := httprouter.New()
r.NotFound = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(404)
http.ServeFile(w, r, "files/not-found.html")
})
http.ListenAndServe(":8000", r)
}
I have the line w.WriteHeader(404) to make sure the status code is 404, but the code above gives the error:
http: multiple response.WriteHeader calls
Without the line w.WriteHeader(404) there are no errors and the page is shown correctly, but the status code is 200. I want it to be 404.
You can simply just write the contents yourself.
Something like:
r.NotFound = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
contents, err := ioutil.ReadFile("files/not-found.html")
if err != nil {
panic(err) // or do something useful
}
w.WriteHeader(404)
w.Header().Set("Content-Type", "text/html; charset=utf-8")
w.Write(contents)
})
David's answer worked, and this is another way.
// other header stuff
w.WriteHeader(http.StatusNotFound)
file, err := os.Open("files/not-found.html")
if err != nil {
log.Println(err)
return
}
_, err = io.Copy(w, file)
if err != nil {
log.Println(err)
}
file.Close() // consider defer ^
I am trying to use vk auth with martini. But have error on compile:
/goPath/vkAuthTry2.go:38: undefined: YourRedirectFunc
The question is how to define YourRedirectFunc function. Or if ask more widely I need working example of martini app with vk social network authentication or if even more widely an example of any golang website using vk authentication.
Full code:
package main
import (
"github.com/go-martini/martini"
"github.com/yanple/vk_api"
"net/http"
)
var api vk_api.Api
func prepareMartini() *martini.ClassicMartini {
m := martini.Classic()
m.Get("/somePage", func(w http.ResponseWriter, r *http.Request) {
// And receive token on the special method (redirect uri)
currentUrl := r.URL.RequestURI() // for example "yoursite.com/get_access_token#access_token=3304fdb7c3b69ace6b055c6cba34e5e2f0229f7ac2ee4ef46dc9f0b241143bac993e6ced9a3fbc111111&expires_in=0&user_id=1"
accessToken, userId, expiresIn, err := vk_api.ParseResponseUrl(currentUrl)
if err != nil {
panic(err)
}
api.AccessToken = accessToken
api.UserId = userId
api.ExpiresIn = expiresIn
w.Write([]byte("somePage"))
})
return m
}
func main() {
authUrl, err := api.GetAuthUrl(
"domain.com/method_get_access_token", // redirect URI
"token", // response type
"4672050", // client id
"wall,offline", // permissions https://vk.com/dev/permissions
)
if err != nil {
panic(err)
}
YourRedirectFunc(authUrl)
prepareMartini().Run()
}
Update
I edited my code according to #Elwinar's answer:
package main
import (
"fmt"
"github.com/go-martini/martini"
"github.com/yanple/vk_api"
"net/http"
)
var api vk_api.Api
func prepareMartini() *martini.ClassicMartini {
m := martini.Classic()
// This handler redirect the request to the vkontact system, which
// will perform the authentification then redirect the request to
// the URL we gave as the first paraemeter of the GetAuthUrl method
// (treated by the second handler)
m.Get("/vk/auth", func(w http.ResponseWriter, r *http.Request) {
var api vk_api.Api
authUrl, err := api.GetAuthUrl("http://localhost:3000/vk/token", "token", "4672050", "wall,offline")
if err != nil {
panic(err)
}
http.Redirect(w, r, authUrl, http.StatusFound)
})
// This handler is the one that get the actual authentification
// information from the vkontact api. You get the access token,
// userid and expiration date of the authentification session.
// You can do whatever you want with them, generally storing them
// in session to be able to get the actual informations later using
// the access token.
m.Get("/vk/token", func(w http.ResponseWriter, r *http.Request) {
accessToken, userId, expiresIn, err := vk_api.ParseResponseUrl(r.URL.String())
if err != nil {
panic(err)
}
fmt.Println(accessToken)
fmt.Println(userId)
fmt.Println(expiresIn)
})
return m
}
func main() {
prepareMartini().Run()
}
now no complie errors, but still cannot login.
When I opened http://localhost:3000/vk/auth I was redirected on page...
https://oauth.vk.com/authorize?client_id=MY_APP_ID&redirect_uri=localhost%3A3000%2Fvk%2Ftoken&response_type=token&scope=wall%2Coffline
... and got the following browser output:
{"error":"invalid_request","error_description":"redirect_uri is incorrect, check application domain in the settings page"}
Of course instead of 4672050 I pasted my app id. This app was specially generated for localhost:3000.
Maybe I need to paste somewhere my private key for oauth like pYFR2Xojlkad87880dLa.
Update 2
#qwertmax's answer almost works. I have successfully logged in by vk, but my code prints empty lines instead of userId and another user information:
accessToken, userId, expiresIn, err := vk_api.ParseResponseUrl(r.URL.String())
fmt.Println(accessToken)
fmt.Println(userId)
fmt.Println(expiresIn)
package main
import (
"fmt"
"github.com/go-martini/martini"
"github.com/yanple/vk_api"
"net/http"
)
var api vk_api.Api
func prepareMartini() *martini.ClassicMartini {
m := martini.Classic()
m.Get("/vk/auth", func(w http.ResponseWriter, r *http.Request) {
var api vk_api.Api
authUrl, err := api.GetAuthUrl("http://localhost:3000/vk/token", "token", "2756549", "wall,offline")
fmt.Println(authUrl)
if err != nil {
panic(err)
}
http.Redirect(w, r, authUrl, http.StatusFound)
})
m.Get("/vk/token", func(w http.ResponseWriter, r *http.Request) {
accessToken, userId, expiresIn, err := vk_api.ParseResponseUrl(r.URL.String())
if err != nil {
panic(err)
}
fmt.Println(accessToken)
fmt.Println(userId)
fmt.Println(expiresIn)
})
return m
}
func main() {
prepareMartini().Run()
}
for you VK settings you have to add your domain like on this screenshot
After that you will be redirected to http://localhost:3000/vk/token#access_token=some_token&expires_in=0&user_id=0000000
but I'm not sure how you will Parse url via "ParseResponseUrl" because vk get to you "fragment url".
Fragment url is not sending to serve via HTTP - I think that could be a problem.
Thanks for answer,
I added example #qwertmax and fixed bug for parse fragment of url. Please update package and see example.
package main
// Thanks #qwertmax for this example
// (http://stackoverflow.com/questions/29359907/social-network-vk-auth-with-martini)
import (
"log"
"github.com/go-martini/martini"
"github.com/yanple/vk_api"
"net/http"
)
var api vk_api.Api
func prepareMartini() *martini.ClassicMartini {
m := martini.Classic()
m.Get("/vk/auth", func(w http.ResponseWriter, r *http.Request) {
authUrl, err := api.GetAuthUrl(
"http://localhost:3000/vk/token",
"app client id",
"wall,offline")
if err != nil {
panic(err)
}
http.Redirect(w, r, authUrl, http.StatusFound)
})
m.Get("/vk/token", func(w http.ResponseWriter, r *http.Request) {
code := r.URL.Query().Get("code")
err := api.OAuth(
"http://localhost:3000/vk/token", // redirect uri
"app secret key",
"app client id",
code)
if err != nil {
panic(err)
}
http.Redirect(w, r, "/", http.StatusFound)
})
m.Get("/", func(w http.ResponseWriter, r *http.Request) string {
if api.AccessToken == "" {
return "<a href='/vk/auth'>Авторизоваться</a>"
}
// Api have: AccessToken, UserId, ExpiresIn
log.Println("[LOG] martini.go:48 ->", api.AccessToken)
// Make query
params := make(map[string]string)
params["domain"] = "yanple"
params["count"] = "1"
strResp, err := api.Request("wall.get", params)
if err != nil {
panic(err)
}
return strResp
})
return m
}
func main() {
prepareMartini().Run()
}
Update 1:
Update your package with command: go get -u github.com/yanple/vk_api
Thanks for the comment.
In the package documentation, YourRedirectFunc is intended as placeholder for the actual method used to redirect a request in your particular case. It could be http.Redirect for example. Same for getCurrentUrl.
In fact, the example you linked to should be written as two handlers for your martini instance:
// This handler redirect the request to the vkontact system, which
// will perform the authentification then redirect the request to
// the URL we gave as the first paraemeter of the GetAuthUrl method
// (treated by the second handler)
m.Get("/vk/auth", func(w http.ResponseWriter, r *http.Request) {
var api vk_api.Api
authUrl, err := api.GetAuthUrl("domain.com/vk/token", "token", "4672050", "wall,offline")
if err != nil {
panic(err)
}
http.Redirect(w, r, authUrl, http.Found)
})
// This handler is the one that get the actual authentification
// information from the vkontact api. You get the access token,
// userid and expiration date of the authentification session.
// You can do whatever you want with them, generally storing them
// in session to be able to get the actual informations later using
// the access token.
m.Get("/vk/token", func(w http.ResponseWriter, r *http.Request) {
accessToken, userId, expiresIn, err := vk_api.ParseResponseUrl(r.URL.String())
if err != nil {
panic(err)
}
})
I am using the gorilla/sessions package to implement sessions. the relevant code (or at least what I think is the only relevant part) is as follows:
// Function handler for executing HTML code
func lobbyHandler(w http.ResponseWriter, req *http.Request) {
if isLoggedIn := validateSession(w, req); isLoggedIn {
lobbyTempl.Execute(w, req.Host)
} else {
homeTempl.Execute(w, map[string]string{
"loginErrors": "Must log in first",
})
}
}
// Serves the files as needed, whenever they are requested
// used for all images, js, css, and other static files
func sourceHandler(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, r.URL.Path[1:])
}
func loginHandler(w http.ResponseWriter, r *http.Request) {
un, pw := r.FormValue("lUn"), r.FormValue("lPw")
if usr := findUser(un, pw); usr != nil {
if createSession(w, r) {
http.Redirect(w, req, "/lobby.html", http.StatusFound)
}
} else {
homeTempl.Execute(w, map[string]string{
"loginErrors": "User not found",
})
}
}
func createSession(w http.ResponseWriter, r *http.Request) bool {
session, _ := store.Get(r, sessionName)
session.Values["isAuthorized"] = true
if err := session.Save(r, w); err != nil {
fmt.Println("saving error: ", err.Error())
return false
}
return true
}
func validateSession(w http.ResponseWriter, r *http.Request) bool {
if session, err := store.Get(r, sessionName); err == nil {
if v, ok := session.Values["isAuthorized"]; ok && v == true {
fmt.Println("Authorized user identified!")
return true
} else {
fmt.Println("Unauthorized user detected!")
return false
}
}
return false
}
func main() {
//...
// serving files for the game
http.HandleFunc("/", homeHandler)
http.Handle("/ws", websocket.Handler(wsLobbyHandler))
http.HandleFunc("/lobby.html", lobbyHandler)
http.HandleFunc("/formlogin", loginHandler)
//...
//http.HandleFunc("/*.html", SourceHandler)
if err := http.ListenAndServeTLS(*addr, "cert.pem", "key.pem", nil); err != nil {
log.Fatal("ListenAndServe:", err)
}
}`
in my html i have:
<form id="login_form" action="/formlogin" method="post">
When logging in, the request is handled within loginHandler
The user is identified correctly from the database and a session is created (via createSession()) and placed into the cookie store.
But after the redirect to lobby.html, back in loginHandler
http.Redirect(w, req, "/lobby.html", http.StatusFound)
the validation within lobbyHandler does not work. Does this have to do with the store.Save(...) altering the headers?
I'm very new to go, as well as web apps in general, so I would really appreciate feedback.
Thanks to the comments, i was able to stumble across a similar search that works for me.
session.Options = &sessions.Options{
Path: "/lobby.html",
}
I needed to make sure the cookies know where they are going to be redirected properly.