Skip to content

Commit

Permalink
Don't defer the session save
Browse files Browse the repository at this point in the history
  • Loading branch information
@mingrammer
mingrammer committed Mar 30, 2019
1 parent c4ec943 commit e0291d8
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion handler/auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,11 @@ func GoogleAuthCallback(w http.ResponseWriter, r *http.Request) {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
defer session.Save(r, w)

// Validate state value
state := session.Values["state"]
delete(session.Values, "state")
session.Save(r, w)
if state != r.FormValue("state") {
http.Error(w, "invalid session state", http.StatusUnauthorized)
return
Expand Down Expand Up @@ -68,6 +68,7 @@ func GoogleAuthCallback(w http.ResponseWriter, r *http.Request) {
MaxAge: 86400,
}
session.Values["user"] = user
session.Save(r, w)

// Redirect to profile page
http.Redirect(w, r, "/profile", http.StatusFound)
Expand Down

0 comments on commit e0291d8

Please sign in to comment.