Initial commit
This commit is contained in:
commit
f2788efb82
GPG key ID:
416A03BC4ADA4CD7
9 changed files with 954 additions and 0 deletions
29
cookies.go
Normal file
29
cookies.go
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
package csrf
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func (m *Middleware) getTokenFromCookies(r *http.Request) string {
|
||||
tokenCookie, err := r.Cookie(m.CookieName)
|
||||
if err != nil {
|
||||
return ""
|
||||
}
|
||||
|
||||
tokenValue := strings.TrimSpace(tokenCookie.Value)
|
||||
return tokenValue
|
||||
}
|
||||
|
||||
// Set a cookie with CSRF token that will expire when the browser shuts down.
|
||||
func (m *Middleware) setTokenCookie(w http.ResponseWriter, token string) {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: m.CookieName,
|
||||
Value: token,
|
||||
Path: "/",
|
||||
// JavaScript should have access to this cookie.
|
||||
HttpOnly: false,
|
||||
SameSite: m.SameSite,
|
||||
Secure: m.Secure,
|
||||
})
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue