Golang中如何实现无效登录的代码处理
Golang中如何实现无效登录的代码处理
package main
import (
"fmt"
"net/http"
"github.com/gorilla/mux"
"github.com/gorilla/securecookie"
)
// cookie handling
var cookieHandler = securecookie.New(
securecookie.GenerateRandomKey(64),
securecookie.GenerateRandomKey(32))
func getUserName(request *http.Request) (userName string) {
if cookie, err := request.Cookie("session"); err == nil {
cookieValue := make(map[string]string)
if err = cookieHandler.Decode("session", cookie.Value, &cookieValue); err == nil {
userName = cookieValue["name"]
}
}
return userName
}
func setSession(userName string, response http.ResponseWriter) {
value := map[string]string{
"name": userName,
}
if encoded, err := cookieHandler.Encode("session", value); err == nil {
cookie := &http.Cookie{
Name: "session",
Value: encoded,
Path: "/",
}
http.SetCookie(response, cookie)
}
}
func clearSession(response http.ResponseWriter) {
cookie := &http.Cookie{
Name: "session",
Value: "",
Path: "/",
MaxAge: -1,
}
http.SetCookie(response, cookie)
}
// login handler
func loginHandler(response http.ResponseWriter, request *http.Request) {
name := request.FormValue("name")
pass := request.FormValue("password")
redirectTarget := "/"
if name != "" && pass != "" {
// .. check credentials ..
setSession(name, response)
redirectTarget = "/internal"
} else {
redirectTarget = "/"
}
http.Redirect(response, request, redirectTarget, 302)
}
// logout handler
func logoutHandler(response http.ResponseWriter, request *http.Request) {
clearSession(response)
http.Redirect(response, request, "/", 302)
}
// index page
const indexPage = `
<h1>Login</h1>
<form method="post" action="/login">
<label for="name">User name</label>
<input type="text" id="name" name="name">
<label for="password">Password</label>
<input type="password" id="password" name="password">
<button type="submit">Login</button>
</form>
`
func indexPageHandler(response http.ResponseWriter, request *http.Request) {
fmt.Fprintf(response, indexPage)
}
// internal page
const internalPage = `
<h1>Internal</h1>
<hr>
<small>User: %s</small>
<form method="post" action="/logout">
<button type="submit">Logout</button>
</form>
`
func internalPageHandler(response http.ResponseWriter, request *http.Request) {
userName := getUserName(request)
if userName != "" {
fmt.Fprintf(response, internalPage, userName)
} else {
http.Redirect(response, request, "/", 302)
}
}
// server main method
var router = mux.NewRouter()
func main() {
router.HandleFunc("/", indexPageHandler)
router.HandleFunc("/internal", internalPageHandler)
router.HandleFunc("/login", loginHandler).Methods("POST")
router.HandleFunc("/logout", logoutHandler).Methods("POST")
http.Handle("/", router)
http.ListenAndServe(":8000", nil)
}
各位专家,如果用户名和密码为空,我该如何设置无效登录?我想在用户名和密码字段上方显示登录错误信息。谢谢
更多关于Golang中如何实现无效登录的代码处理的实战教程也可以访问 https://www.itying.com/category-94-b0.html
7 回复
我可以这样写吗…那要怎么在页面上显示呢?
func loginHandler(response http.ResponseWriter, request *http.Request) {
name := request.FormValue("name")
pass := request.FormValue("password")
redirectTarget := "/"
if name != "" && pass != "" {
// .. check credentials ..
setSession(name, response)
redirectTarget = "/internal"
} else {
aaa = "Invalid Login"
}
在这段代码中,如果用户名和密码不为空,将跳转到内部页面;如果是空值,我想显示"登录无效"的提示信息。
func loginHandler(response http.ResponseWriter, request *http.Request) {
name := request.FormValue("name")
pass := request.FormValue("password")
redirectTarget := "/"
if name != "" && pass != "" {
// .. check credentials ..
setSession(name, response)
redirectTarget = "/internal"
} else {
redirectTarget = "/"
}
http.Redirect(response, request, redirectTarget, 302)
}
在您的代码中,当用户名或密码为空时,登录处理程序会重定向回首页,但不会显示错误信息。要实现无效登录的错误提示,您需要修改登录处理程序以在重定向时传递错误信息,并在首页处理程序中检查并显示该信息。
以下是修改后的代码示例:
package main
import (
"fmt"
"net/http"
"net/url"
"github.com/gorilla/mux"
"github.com/gorilla/securecookie"
)
// cookie handling
var cookieHandler = securecookie.New(
securecookie.GenerateRandomKey(64),
securecookie.GenerateRandomKey(32))
func getUserName(request *http.Request) (userName string) {
if cookie, err := request.Cookie("session"); err == nil {
cookieValue := make(map[string]string)
if err = cookieHandler.Decode("session", cookie.Value, &cookieValue); err == nil {
userName = cookieValue["name"]
}
}
return userName
}
func setSession(userName string, response http.ResponseWriter) {
value := map[string]string{
"name": userName,
}
if encoded, err := cookieHandler.Encode("session", value); err == nil {
cookie := &http.Cookie{
Name: "session",
Value: encoded,
Path: "/",
}
http.SetCookie(response, cookie)
}
}
func clearSession(response http.ResponseWriter) {
cookie := &http.Cookie{
Name: "session",
Value: "",
Path: "/",
MaxAge: -1,
}
http.SetCookie(response, cookie)
}
// login handler
func loginHandler(response http.ResponseWriter, request *http.Request) {
name := request.FormValue("name")
pass := request.FormValue("password")
if name == "" || pass == "" {
// 重定向回首页并传递错误参数
redirectTarget := "/?error=" + url.QueryEscape("用户名和密码不能为空")
http.Redirect(response, request, redirectTarget, 302)
return
}
// 这里可以添加实际的凭据验证逻辑
// 例如,如果验证失败:
// if !isValidCredentials(name, pass) {
// redirectTarget := "/?error=" + url.QueryEscape("无效的用户名或密码")
// http.Redirect(response, request, redirectTarget, 302)
// return
// }
setSession(name, response)
http.Redirect(response, request, "/internal", 302)
}
// logout handler
func logoutHandler(response http.ResponseWriter, request *http.Request) {
clearSession(response)
http.Redirect(response, request, "/", 302)
}
// index page
const indexPage = `
<h1>Login</h1>
{{if .Error}}
<div style="color: red; margin-bottom: 10px;">
{{.Error}}
</div>
{{end}}
<form method="post" action="/login">
<label for="name">User name</label>
<input type="text" id="name" name="name">
<label for="password">Password</label>
<input type="password" id="password" name="password">
<button type="submit">Login</button>
</form>
`
func indexPageHandler(response http.ResponseWriter, request *http.Request) {
// 从URL参数获取错误信息
errorMsg := request.URL.Query().Get("error")
data := struct {
Error string
}{
Error: errorMsg,
}
// 简单的模板渲染
page := indexPage
if data.Error != "" {
page = fmt.Sprintf(`<h1>Login</h1>
<div style="color: red; margin-bottom: 10px;">
%s
</div>
<form method="post" action="/login">
<label for="name">User name</label>
<input type="text" id="name" name="name">
<label for="password">Password</label>
<input type="password" id="password" name="password">
<button type="submit">Login</button>
</form>`, data.Error)
} else {
page = indexPage
}
fmt.Fprintf(response, page)
}
// internal page
const internalPage = `
<h1>Internal</h1>
<hr>
<small>User: %s</small>
<form method="post" action="/logout">
<button type="submit">Logout</button>
</form>
`
func internalPageHandler(response http.ResponseWriter, request *http.Request) {
userName := getUserName(request)
if userName != "" {
fmt.Fprintf(response, internalPage, userName)
} else {
http.Redirect(response, request, "/", 302)
}
}
// server main method
var router = mux.NewRouter()
func main() {
router.HandleFunc("/", indexPageHandler)
router.HandleFunc("/internal", internalPageHandler)
router.HandleFunc("/login", loginHandler).Methods("POST")
router.HandleFunc("/logout", logoutHandler).Methods("POST")
http.Handle("/", router)
http.ListenAndServe(":8000", nil)
}
主要修改点:
- 在
loginHandler中,当用户名或密码为空时,通过URL参数传递错误信息:
redirectTarget := "/?error=" + url.QueryEscape("用户名和密码不能为空")
- 在
indexPageHandler中,从URL参数获取错误信息并显示:
errorMsg := request.URL.Query().Get("error")
- 修改了首页模板,添加了条件显示错误信息的逻辑。
这样,当用户提交空的用户名或密码时,页面会重定向回登录页面并显示相应的错误信息。您还可以扩展这个模式来处理其他类型的登录错误,比如无效凭据等。
