问题
I know many other languages and web frameworks will automatically update a cookie's expiration time to the session timeout every time a session is accessed via the backend (or some action like that). I don't believe Gorilla provides this utility.
I am consider just writing some request middleware that, if it detects a valid session, will extend the cookie lifetime but I am wondering if there is a better method of doing this.
What are the best practices for updating cookie expiration, especially as they pertain to Gorilla/Go?
回答1:
You could simply implement your own Store that builds on top of an existing session store like the CookieStore, but uses some rule to automatically update the expiration during a Save call.
回答2:
If you set the Max-Age parameter of the cookie, you don't need to set Expiry as well, unless you need to support old browsers that don't understand Max-Age.
Using only Max-Age means you don't need to update it on every request.
Set the spec: http://tools.ietf.org/html/rfc6265#section-4.1.2
来源:https://stackoverflow.com/questions/28616830/gorilla-sessions-how-to-automatically-update-cookie-expiration-on-request