Logout link screwed up when using cookies in Go

Issue

As a backend developer who just started doing some web, I’m struggling with cookies and links. I’m implementing the basic auth system in Go. On sign-in, a cookie is set on the server-side and then its MaxAge is set to -1 on logout (again on server-side).

The things are running locally and all the cookies are set to root Path /

Login:

cookie := http.Cookie{
    Name:     name,
    Value:    value,
    Domain:   "localhost",
    Path:     "/"
}

Logout:

cookie := http.Cookie{
    Name:     name,
    Value:    value,
    Domain:   "localhost",
    Path:     "/",
    MaxAge:   -1,
}

Also, the logout handler redirects to root when it’s done.

Here is the flow:

  • Log in successful
  • Log out successful
  • Login in again successful
  • Logout sends me to a root instead of a logout page (a plain link is used for logout). It does not do anything (does not clear session and everything else) so I’m still logged in

Do you have any idea why this happens?

Solution

Sorry, believe it or not, it was a typo. I mistakenly used 301 redirections (instead pf 307). So first time logout route redirected to root with 301 status, each next click to Logout link would be automatically directed to root (Moved Pemanently). –

Answered By – aldm

Answer Checked By – Gilberto Lyons (GoLangFix Admin)

Leave a Reply

Your email address will not be published.