csrf

package
v0.0.0-...-d6ca7af Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 9, 2020 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package csrf provides a functionality for creating, destroying, validating, and attaching Cross-site Forgery Request protection tokens.

The tokens are attached as cookies to the request and are good for a single request. The caller can set a timeout duration as well that enables tokens to expire without being used.

Index

Constants

View Source 
const (
	// CookieName is the key value for the header attached to HTTP responses
	CookieName = "X-CSRF"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Handler 

type Handler struct {
	*session.Handler
}

Handler handles Cross-site request forgery tokens

func NewHandler 

func NewHandler(db *sql.DB, timeout time.Duration, secret []byte) *Handler

NewHandler creates a new handler using the database pointer.

func (*Handler) GenerateNewToken 

func (c *Handler) GenerateNewToken(w http.ResponseWriter, r *http.Request) error

GenerateNewToken generates a new token for protecting against CSRF. The token is attached to the response writer as a cookie.

func (*Handler) ValidToken 

func (c *Handler) ValidToken(r *http.Request) error

ValidToken verifies that a CSRF token is valid and then destroys it.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.