package csrf import ( "crypto/rand" ) const ( alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" ) // Generate a new, cryptographically-secure, URL-safe token. func generateCSRFToken(tokenLength uint) (string, error) { arr := make([]byte, tokenLength) alphabetLength := byte(len(alphabet)) _, err := rand.Read(arr) if err != nil { return "", err } for i := range arr { arr[i] = alphabet[arr[i]%alphabetLength] } return string(arr), nil }