[Bug] RedisStore.new(req, "session-key") does not override existing cookie #20
Description
If a users sends a web request with for example an old cookie, or any key, it will be the id stored in the redis database. Shouldn't the save function following a New() call override the cookie id?
req, _ := http.NewRequest("GET", "http://www.example.com", nil)
req.Header.Set("Cookie", "session-key=a")
w := httptest.NewRecorder()
// Get session
session, err := store.New(req, "session-key")
if err != nil {
log.Fatal("failed getting session: ", err)
}
// Add a value
session.Values["foo"] = "bar"
// Save session
if err = sessions.Save(req, w); err != nil {
log.Fatal("failed saving session: ", err)
}
// w set-cookie will be "session-key=a", rather than a random generated one.