
Timing of cookies, intercept BEFORE #200

@purohit


I'm having a weird problem where I have a /signin/ page, which uses Post-Redirect-Get, where a user types credentials. It will POST them to /signin/check/. If the credentials are valid, it will save a parameter like c.Session["good"] = "good", and then immediately redirect to a protected page, /content/, via c.Redirect(routes.Content.Index()). I use an InterceptMethod like in the manual, to protect the page by checking the session vars.

Lately I have to sign in twice before I can get to /content/. If I set the c.Session variables in the body of the /signin/check/ method, like this:

```go
func (c Person) Check(p *models.Person) revel.Result {
    // ...
    if p.WasValidLogin() { // simplified
        c.Session["Good"] = "good"
        return c.Redirect(routes.Content.Index())
    }
    // ...
}
```

and then immediately redirect to /content/, it doesn't yet know about the c.Session["Good"], so the InterceptMethod checkSignedIn() doesn't pass authentication, and redirects.

(relevant sections of app.go & init.go)

```go
func (c AuthController) checkSignedIn() revel.Result {
    revel.INFO.Printf("%v", c.Session) // For some reason, always empty after first sign-in
    if _, good := c.Session["Good"]; !good {
        c.Flash.Error("Please log in first.")
        return c.Redirect(routes.Person.Signin(c.Request.URL.Path))
    }
    return nil
}

// ...

type Content struct {
    AuthController
}

func (c Content) Index() revel.Result {
    return c.Render()
}

// ...

func init() {
    // ...
    revel.InterceptMethod(AuthController.checkSignedIn, revel.BEFORE)
    // ...
}
```

So I guess when the c.Redirect is called in Person.Check, the Cookie: header doesn't yet contain the REVEL_SESSION=etcetcGood=goodetcetc, although on the next request it is populated and succeeds.

Do you have any tips on how I should change my flow to accommodate the proper order of things?
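
One way to narrow down where the session cookie goes missing in a flow like this, as an added example that is not part of the original post and uses Go's net/http in place of Revel: it reproduces POST /signin/check/ → redirect → GET /content/ and reports whether the redirect response carried Set-Cookie and where the client ended up. The cookie name `session`, its value, and the `newApp` and `signIn` helpers are assumptions made for illustration; the cookie is written before the redirect is sent.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/cookiejar"
	"net/http/httptest"
	"net/url"
)

// newApp mirrors the issue's flow with net/http, not Revel; cookie name and value are constructed.
func newApp() http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/signin/", func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "form") })
	mux.HandleFunc("/signin/check/", func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, &http.Cookie{Name: "session", Value: "good", Path: "/", HttpOnly: true})
		http.Redirect(w, r, "/content/", http.StatusSeeOther)
	})
	mux.HandleFunc("/content/", func(w http.ResponseWriter, r *http.Request) {
		if c, err := r.Cookie("session"); err != nil || c.Value != "good" { // stand-in for the BEFORE check
			http.Redirect(w, r, "/signin/", http.StatusSeeOther)
			return
		}
		fmt.Fprint(w, "protected content")
	})
	return mux
}

// signIn posts once and follows redirects; it reports whether a redirect carried Set-Cookie and the final path.
func signIn(withJar bool) (sawSetCookie bool, finalPath string) {
	srv := httptest.NewServer(newApp())
	defer srv.Close()
	client := &http.Client{CheckRedirect: func(req *http.Request, _ []*http.Request) error {
		sawSetCookie = sawSetCookie || req.Response.Header.Get("Set-Cookie") != "" // req.Response: redirect just received
		return nil
	}}
	if withJar {
		client.Jar, _ = cookiejar.New(nil)
	}
	resp, err := client.PostForm(srv.URL+"/signin/check/", url.Values{"user": {"demo"}})
	if err != nil {
		return sawSetCookie, "error: " + err.Error()
	}
	defer resp.Body.Close()
	return sawSetCookie, resp.Request.URL.Path
}
func main() {
	fmt.Println(signIn(true))  // client that stores cookies
	fmt.Println(signIn(false)) // client that drops them
}
```

In this stand-in, a client that keeps cookies lands on /content/ after a single sign-in, while one that discards the Set-Cookie from the redirect is bounced back to /signin/.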
