Group middlewares

[dre1080]

I'm currently having an issue with per-group middlewares. I'm not getting the desired outcome.

Here is some example code:

In server.go:

e := echo.New()
e.Use(...)
router.Setup(e)
e.Run(":1323")

In package router:

func Setup(e *echo.Echo) {
    auth := e.Group("/auth")
    auth.Use(func(c *echo.Context) {
       if c.Get("User") != nil {
           return echo.NewHTTPError(http.StatusForbidden, "Don't need User")
       }
       return nil
    })
    auth.Get("/login", myLoginHandler)

    user := e.Group("/user")
    user.Use(func(c *echo.Context) {
       if c.Get("User") == nil {
           return echo.NewHTTPError(http.StatusUnauthorized, "Need User")
       }
       return nil
    })
    user.Get("/logout", myLogoutHandler)
}

Now, when I start the server & navigate to /auth/login.
I get a "Need User" response when I shouldn't be getting any response & instead show the login page.

The same thing happens vice-versa, if I define user & its middleware before auth. I'll be able to logout.

It seems the middleware for the previous group is cancelled uses the next group's middleware instead.

[vishr]

With the code below, I got login handler for /auth/login

package main

import (
    "net/http"

    "github.com/labstack/echo"
    mw "github.com/labstack/echo/middleware"
)

func main() {
    e := echo.New()
    e.Use(mw.Logger())
    e.Use(mw.Recover())

    auth := e.Group("/auth")
    auth.Use(func(c *echo.Context) error {
        if c.Get("User") != nil {
            return echo.NewHTTPError(http.StatusForbidden, "Don't need User")
        }
        return nil
    })
    auth.Get("/login", func(c *echo.Context) error {
        return c.String(http.StatusOK, "login")
    })

    user := e.Group("/user")
    user.Use(func(c *echo.Context) error {
        if c.Get("User") == nil {
            return echo.NewHTTPError(http.StatusUnauthorized, "Need User")
        }
        return nil
    })
    user.Get("/logout", func(c *echo.Context) error {
        return c.String(http.StatusOK, "logout")
    })

    e.Run(":1323")
}

[dre1080]

Sorry for the trouble. Found out the issue was with one of my middlewares.
I was using StripTrailingSlash middleware. When I removed it, it worked.

[dre1080]

I get this issue when I use 5 or more global middlewares.

[vishr]

@dre1080 It will help if you can post some code to reproduce and debug further.

[dre1080]

func setUser() echo.HandlerFunc {
    return func(c *echo.Context) error {
        user := session.GetUser(c) // eg. retrieves from db using cookie identifier
        if user != nil && user.ID != 0 {
            c.Set("User", user)
        }
        return nil
    }
}

func main() {
    e := echo.New()
    e.Use(mw.Logger())
    e.Use(mw.Recover())
    e.Use(mw.StripTrailingSlash())
    e.Use(mw.Gzip())
    e.Use(setUser())

    auth := e.Group("/auth")
    auth.Use(func(c *echo.Context) error {
        if c.Get("User") != nil {
            return echo.NewHTTPError(http.StatusForbidden, "Don't need User")
        }
        return nil
    })
    auth.Get("/login", func(c *echo.Context) error {
        return c.String(http.StatusOK, "login")
    })

    user := e.Group("/user")
    user.Use(func(c *echo.Context) error {
        if c.Get("User") == nil {
            return echo.NewHTTPError(http.StatusUnauthorized, "Need User")
        }
        return nil
    })
    user.Get("/logout", func(c *echo.Context) error {
        return c.String(http.StatusOK, "logout")
    })

    e.Run(":1323")
}

I'm experiencing a scenario where nested group middleware doesn't execute, unless I add at least two mw on it. The third handler is being executed but not the third mw. It only seems to occur when I have multiple sibling groups (third & fourth) on the second group. Pseudo example below.

// GET /first/param/third
first := e.Group("/first")

second := first.Group("/:second")

third := second.Group("/third")
third.Use(func (c *echo.Context) error {
  println("Hello?")
  return nil
})
third.Get("", thirdHandler)

fourth := second.Group("/fourth")
fourth.Use(func (c *echo.Context) error {
  // do some stuff
  return nil
})
fourth.Get("", thirdHandler)

[vishr]

@laicosly Can you provide a working code with comments? It helps us to debug faster.

I'll try, it seems as if sibling groups are polluted by one another's middleware in my scenario. In the example above, I expect a request handled by the third group, not to trigger the fourth group's middleware, but it is.

[dre1080]

@laicosly that is the same issue I'm having

@Dre180 I'm working around this issue by using the secondary arbitrary args to define middleware on siblings groups where I'm seeing unexpected cross-pollution.

groupA := e.Group("/groupa", mwOne, mwTwo)
groupB := e.Group("/groupb", mwTwo)

declaring mw this way, instead of using e.Use seems to prevent the issue from occurring.

[hasty]

This is fixed in the #197 pull request.