I'm making a simple web app using Go, gorilla for sessions and routing, and mustache for templates. I'm having an issue with the login involving, I believe, a problem with IE accepting the cookie. The problem only occurs with Internet Explorer, but otherwise the login works perfectly in Chrome. Here is my code:
func main() {
r := mux.NewRouter()
r.HandleFunc("/performance", Index)
r.HandleFunc("/performance/login", Login)
log.Fatal(http.ListenAndServe(":5901", r))
}
func Index(w http.ResponseWriter, r *http.Request) {
session, _ := store.Get(r, "performance")
if session.Values["username"] == nil {
http.Redirect(w, r, "/performance/login", http.StatusSeeOther)
}
dict := session.Values
fmt.Fprintf(w, mustache.RenderFileInLayout("templates/index.html", "templates/basepage.html", dict))
}
func Login(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" {
results := 0
r.ParseForm()
u := r.FormValue("username")
pass := r.FormValue("password")
p := PassEncrypt(pass)
q := map[string]string{}
rows, err := db.Query("SELECT username, name, title FROM user WHERE (username=$1) AND (password=$2)", u, p)
if err != nil {
log.Fatal(err)
}
for rows.Next() {
var username string
var name string
var title string
if err := rows.Scan(&username, &name, &title); err != nil {
log.Fatal(err)
}
q["username"] = username
q["name"] = name
q["title"] = title
results++
}
if results > 0 {
session, _ := store.Get(r, "performance")
session.Options = &sessions.Options{
MaxAge: 900,
}
session.Values["username"] = q["username"]
session.Values["name"] = q["name"]
session.Values["title"] = q["title"]
session.Save(r, w)
http.Redirect(w, r, "/performance", http.StatusSeeOther)
} else {
http.Redirect(w, r, "/performance/login", http.StatusSeeOther)
}
} else {
fmt.Fprintf(w, mustache.RenderFileInLayout("templates/login.html", "templates/basepage.html", nil))
}
}
When logging in using IE the user is redirected right back to the login page because the session value "username" is nil, while in Chrome the username is correctly defined and the index page is served. For some reason IE is not accepting the cookie, yet I changed all settings in IE to allow cookies from any site. Do I need to change one of the cookie options or add something to the cookie other than "MaxAge" for IE to accept it? Thanks in advance.