I have a web page that emulates authorizing API access. The user enters an API url and an authorization key (let's say "true" or "false"). On the Go side, there's a handler function for this path which reads the form and generates a token based on the authorization key.
Ideally, I'd like to save the token as a header and redirect the request to the proper handler based on the API url entered. However, when I use http.Redirect(), my header does not get sent as part of the request.
func createTokenHandler(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
path := r.FormValue("path")
auth := r.FormValue("auth") // let's say "true" or "false"
w.Header().Set("auth", auth)
http.Redirect(w, r, path, http.StatusFound) // is this the correct http code?
}
// path redirects to this handler
func otherPathHandler(w http.ResponseWriter, r *http.Request) {
// these were necessary for cross-domain requests to work with custom header, keeping them
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Headers", "auth")
auth = r.Header.Get("auth")
if auth == "true" {
w.Write([]byte("Validated, here's the API response."))
// continue
}
}
There may be several API urls with different paths, but my thought process has the token being written as a header in that same handler function every time. I'm designing it this way because the API url may eventually redirect to different domains, so I'd like to keep it separate from reading the form.
Google tells me to use Client.CheckRedirect somehow, but I'm not sure how to implement it in my handler functions. How can I redirect while keeping my headers? Thank you!