My site uses the built-in login system to get to the page, like this:
func handler(w http.ResponseWriter, r *http.Request) {
c := appengine.NewContext(r)
u := user.Current(c)
if u == nil {
url, err := user.LoginURL(c, r.URL.String())
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Location", url)
w.WriteHeader(http.StatusFound)
return
}
fmt.Fprintf(w, "Hello, %v!", u)
}
How do I include that user info when doing an XMLHttpRequest from that page to a different url handled by the same GAE app?
I want to make sure that only logged in users have access to the url used for the XMLHttpRequest.