csrf

package

v0.1.4 Latest Latest Go to latest Published: May 28, 2017 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cssivision/looli

Links

Open Source Insights

README ¶

csrf

csrf middleware for looli, used to precent CSRF attack.

Usage

package main

import (
    "net/http"
    "github.com/cssivision/looli"
    "github.com/cssivision/looli/csrf"
    "log"
)

func main() {
    router := looli.Default()

    router.Use(csrf.New(csrf.Options{
        Skip: func(ctx *looli.Context) bool {
            if ctx.Method == http.MethodGet {
                return true
            }
            return false
        },
    }))

    router.Get("/", func(ctx *looli.Context) {
        token := csrf.NewToken(ctx)
        ctx.String("csrf %v\n", token)
    })

    router.Post("/", func(ctx *looli.Context) {
        ctx.String("token valid\n")
    })

    log.Println("server start on http://127.0.0.1:8080")
    log.Fatal(http.ListenAndServe(":8080", router))
}

Parameters

Parameters are passed to the middleware the csrf.New method as follow:

type Options struct {
    // using FormKey to get token
    FormKey   string

    // using HeaderKey to get token
    HeaderKey string

    // using Skip func to check whether to skip csrf check
    Skip      func(*looli.Context) bool

    // parameter below used to store secret key in cookie
    MaxAge    int
    Domain    string
    Path      string
    HttpOnly  bool
    Secure    bool
}

Licenses

All source code is licensed under the MIT License.

Documentation ¶

Index ¶

func Default() looli.HandlerFunc
func New(options Options) looli.HandlerFunc
func NewToken(c *looli.Context) string
type Options

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Default ¶

func Default() looli.HandlerFunc

func New ¶

func New(options Options) looli.HandlerFunc

func NewToken ¶

func NewToken(c *looli.Context) string

Types ¶

type Options ¶

type Options struct {
	FormKey   string
	HeaderKey string
	Skip      func(*looli.Context) bool
	MaxAge    int
	Domain    string
	Path      string
	HttpOnly  bool
	Secure    bool
}

Source Files ¶

View all Source files

csrf.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL