Hide HTML content if a user is logged in

Question

I'm writing a web server in Go and was asking myself, what the conventional way of conditionally hiding a part of an HTML page is. If I wanted a "sign in" button only to show up, when the user is NOT logged in, how would I achieve something like this? Is it achieved with template engines or something else?

Thank you for taking the time to read and answer this :)

You definitely can use template conditions for that. See http://stackoverflow.com/questions/16985469/switch-or-if-elseif-else-inside-golang-html-templates — RoninDev, Jul 20 '15 at 20:17
If you're using templates; http://golang.org/pkg/text/template/ then just make parts of them conditionally load. I'm not too experienced with that package myself but it would be appalling if it didn't support such a simple set up. I recommend making your login bit it's own template so you can reference it repeatedly in these various locations rather than inlining it over and over. — evanmcdonnal, Jul 20 '15 at 20:21
@RoninDev,evanmcdonnal Thank you for your answers and the helpful links :) I'll try to work with the template package of Go. I just wanted to see what other developers think about this. I also thought i was maybe taking a completely wrong approach. — rettetdemdativ, Jul 20 '15 at 20:56
Note: make sure to use http://golang.org/pkg/html/template/ and *not* text/template for a user-facing web application. — elithrar, Jul 20 '15 at 23:44

score 5 · Accepted Answer · answered Jul 20 '15 at 22:51

you just have to give a struct to your template and manage the rendering inside it.

Here is a working exemple to test:

package main

import (
    "html/template"
    "net/http"
)

func main() {
    http.HandleFunc("/", helloHandler)
    http.ListenAndServe(":8000", nil)
}

type User struct {
    Name string
}

func helloHandler(w http.ResponseWriter, r *http.Request) {
    t := template.New("logged exemple")
    t, _ = t.Parse(`
        <html>
        <head>
            <title>Login test</title>
        </head>
        <body>

        {{if .Logged}}
            It's me {{ .User.Name }}
        {{else}}
            -- menu --
        {{end}}


        </body>
        </html>
    `)

    // Put the login logic in a middleware
    p := struct {
        Logged bool
        User   *User
    }{
        Logged: true,
        User:   &User{Name: "Mario"},
    }

    t.Execute(w, p)
}

To manage the connexion you can use http://www.gorillatoolkit.org/pkg/sessions with https://github.com/codegangsta/negroni and create the connection logic inside a middleware.

Great example! I just tried to do it the same way and it works perfectly. Thanks you! — rettetdemdativ, Jul 21 '15 at 05:33

score -1 · Answer 2 · answered Jul 20 '15 at 20:18

-1

Simply start session on user login .Set the necessary values in session and then hide the html u want with if tag in javascript using session. Its very simple and best way to solve this type of problems.

answered Jul 20 '15 at 20:18

sahil rana

13
6

I disagree... If you want to hide the content behind a login you can't serve it to client then rely on their script to block it. All I have to do is open my developer tools and boom, there's your content I wasn't supposed to be looking at. – evanmcdonnal Jul 20 '15 at 20:20
see the question first. he is just asking to hide few details,no the important ones and see everyone can disable javascript and still it is used very much . its ok to use where security is not an issue and i think here the user want to hide a login button from user once user is logged in. thats it .it much easier and faster to do with js rather then doing with serverside coding which is also hackable . – sahil rana Jul 20 '15 at 20:25
If you're using a templating product like ASP, JSP, go templates ect it is no more code to do server side and no, it can't be "hacked" the page will be written differently before it's served so you couldn't re-expose the text on the client side as you could with javascript hiding. JS is also not faster, rewriting the DOM in JS is never faster than the token replacement that would occur in Go if you did it in your template. Doing it in JS is fine and not a big deal in most cases but definitely a hack and objectively worse for you applications security/consistency/performance ect. – evanmcdonnal Jul 20 '15 at 20:42
@evanmcdonnal So you would recommend looking at the template package of Go for security/performance reasons? I already figured this would be a popular approach. – rettetdemdativ Jul 20 '15 at 20:51
1

@mkocs I would say if you're making any kind of reasonable web app (like not a website I could make in a weekend) then you need to be using something like the templates package to serve content dynamically. If you're not using them to begin with then it might not be worth the effort. I would be personally using it for the sake of having a clean/well organized application and then as far as content hiding goes, it just makes more sense. I don't think it's really very important either way, I'm just not going to go a route that I know is worse when it's no more work to do it better. – evanmcdonnal Jul 20 '15 at 21:02

score -3 · Answer 3 · answered Jul 20 '15 at 20:23

-3

You might try something like this

<?php
    if($_SESSION['user']){}else{
        echo '<button onclick="yourfunction();">sign in</button>';
    }
?>

Thus, if they aren't logged in, this'll show up.

answered Jul 20 '15 at 20:23

kittenparry

149
1
3
11

Oh, my ignorance of Go language. Sorry about that. – kittenparry Jul 20 '15 at 20:25
1

Thank you very much for taking the time to answer my question anyway :) – rettetdemdativ Jul 20 '15 at 20:49

Hide HTML content if a user is logged in

3 Answers3

Linked