
Security News
Meet Socket at Black Hat and DEF CON 2025 in Las Vegas
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
github.com/vizicist/sessions
This Go package attempts to free you from the hard work of implementing safe cookie-based web sessions.
Sessions implements a number of OWASP recommendations:
Additional features:
If you want to go one step further and have user signup, login, logout, password reset, email/password change implemented for you, check out github.com/rivo/users.
go get github.com/rivo/sessions
func MyHandler(response http.ResponseWriter, request *http.Request) {
session, err := sessions.Start(response, request, false)
if err != nil {
panic(err)
}
if session != nil {
fmt.Println("We have a session")
} else {
fmt.Println("We have no session")
}
}
(Providing true
will always return a session.)
With the session object, you can call:
RegenerateID
to switch the session ID,Set
, Get
, GetAndDelete
, and Delete
to (un-)assign values to keys,LogIn
and LogOut
to attach/detach users,GobEncode
, GobDecode
, MarshalJSON
, and UnmarshalJSON
to (un-)serialize sessions,Destroy
to end a session.SessionCookie
: Name of the session cookie.NewSessionCookie
: Function for new cookies (used to set cookie parameters).SessionExpiry
: Time to expiry for inactive sessions.SessionIDExpiry
: Maximum session ID lifetime before automatic regeneration.SessionIDGracePeriod
: Extended lifetime for regenerated session IDs.AcceptRemoteIP
: Accepted level of change for IP addresses.AcceptChangingUserAgent
: Whether or not user agent changes are accepted.MaxSessionCacheSize
: Size of local (write-through) session cache.SessionCacheExpiry
: Maximum session lifetime in local cache.Then there is Persistence
used to connect to the session store of your choice (defaults to RAM).
See http://godoc.org/github.com/rivo/sessions for the documentation.
See also the Wiki for more examples and explanations.
Add your issue here on GitHub. Feel free to get in touch if you have any questions.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.