csrf

package
v0.2.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2024 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrMissingHeader  = errors.New("missing CSRF token in request header")
	ErrMissingFormKey = errors.New("missing CSRF token in request body")
	ErrInvalidToken   = errors.New("invalid CSRF token")
	ErrMissingQuery   = errors.New("missing CSRF token in request query")
)

Functions

func FromForm 

func FromForm(req *http.Request, key string) (string, error)

Extract the CSRF token from the request body.

func FromHeader 

func FromHeader(req *http.Request, key string) (string, error)

Extract the CSRF token from the request header.

func FromQuery 

func FromQuery(req *http.Request, key string) (string, error)

Extract the CSRF token from the request query.

func New 

func New(store sessions.Store, options ...CSRFOption) *csrf

New returns a new CSRF middleware. Usage: 

var store = sessions.NewCookieStore([]byte("secret key"))
store.Options = &sessions.Options{
	Path:     "/",
	MaxAge:   0,
	Domain:   "localhost",
	Secure:   false,
	HttpOnly: true,
	SameSite: http.SameSiteLaxMode,
}

mux.Use(middleware.New(store).Middleware)

func TokenFromRequest 

func TokenFromRequest(req *http.Request) string

Types

type CSRFOption 

type CSRFOption func(*csrf)

func WithFormKeyName 

func WithFormKeyName(name string) CSRFOption

func WithHeaderKeyName 

func WithHeaderKeyName(name string) CSRFOption

func WithSessionName 

func WithSessionName(name string) CSRFOption

type TokenContextType 

type TokenContextType string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.