csrf/cookies.go

package csrf

import (
	"net/http"
	"strings"
)

func (m *Middleware) getTokenFromCookies(r *http.Request) string {
	tokenCookie, err := r.Cookie(m.CookieName)
	if err != nil {
		return ""
	}

	tokenValue := strings.TrimSpace(tokenCookie.Value)
	return tokenValue
}

// Set a cookie with CSRF token that will expire when the browser shuts down.
func (m *Middleware) setTokenCookie(w http.ResponseWriter, token string) {
	http.SetCookie(w, &http.Cookie{
		Name:  m.CookieName,
		Value: token,
		Path:  "/",
		// JavaScript should have access to this cookie.
		HttpOnly: false,
		SameSite: m.SameSite,
		Secure:   m.Secure,
	})
}
Initial commit 2025-06-11 00:24:24 +05:00			`package csrf`

			`import (`
			`"net/http"`
			`"strings"`
			`)`

			`func (m Middleware) getTokenFromCookies(r http.Request) string {`
			`tokenCookie, err := r.Cookie(m.CookieName)`
			`if err != nil {`
			`return ""`
			`}`

			`tokenValue := strings.TrimSpace(tokenCookie.Value)`
			`return tokenValue`
			`}`

			`// Set a cookie with CSRF token that will expire when the browser shuts down.`
			`func (m *Middleware) setTokenCookie(w http.ResponseWriter, token string) {`
			`http.SetCookie(w, &http.Cookie{`
			`Name: m.CookieName,`
			`Value: token,`
			`Path: "/",`
			`// JavaScript should have access to this cookie.`
			`HttpOnly: false,`
			`SameSite: m.SameSite,`
			`Secure: m.Secure,`
			`})`
			`}`