一、token避免反复提交
package main
import (
"crypto/md5"
"fmt"
"html/template"
"io"
"net/http"
"strconv"
"time"
)
func login(w http.ResponseWriter, r *http.Request) {
//获取请求方法
fmt.Println("method:",r.Method)
//判断是否是get请求方法
if r.Method == "GET" {
unix := time.Now().Unix()
hash := md5.New()
io.WriteString(hash, strconv.FormatInt(unix, 10))
token := fmt.Sprintf("%x", hash.Sum(nil))
fmt.Println("token=",token)
files, err := template.ParseFiles("D:/goproject/src/webDemo/http/form/upload.gtpl")
if err != nil {
panic(err)
}
files.Execute(w,token)
} else {
//请求是登陆数据
r.ParseForm()
token := r.Form.Get("token")
fmt.Println(token)
if token != "" {
//验证token合法性
fmt.Println("token:",token)
} else {
//不存在token就报错
fmt.Println("token错误")
}
if len(r.Form["username"]) > 1 {
fmt.Println("username的长度为:",len(r.Form["username"][0]))
}
//输出到服务器
fmt.Println("username",template.HTMLEscapeString(r.Form.Get("username")))
fmt.Println("password",template.HTMLEscapeString(r.Form.Get("password")))
//输出到客户端
template.HTMLEscape(w,[]byte(r.Form.Get("username")))
}
}
func main() {
http.HandleFunc("/login",login)
http.ListenAndServe(":8080",nil)
}
gtpl文件
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录界面</title>
</head>
<body>
<form action="http://127.0.0.1:8080/login" method="post">
用户名:<input type="text" name="username"><br>
密   码:<input type="password" name="password"><br>
<input type="hidden" name="token" value="{{.}}">
<input type="submit" value="登陆">
</form>
</body>
</html>