Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
ErrInvalidToken = errors.New("csrf_token is not valid")
)
Functions ¶
This section is empty.
Types ¶
type CsrfFilter ¶
type CsrfFilter struct {
// contains filtered or unexported fields
}
CsrfFilter is used for all request if it's defined by configuration.
func (*CsrfFilter) Filter ¶
func (f *CsrfFilter) Filter(ctx context.Context, r *web.Request, w http.ResponseWriter, chain *web.FilterChain) web.Result
Filter is used on each request, and it calls csrf Service to validate token from request.
func (*CsrfFilter) Inject ¶
func (f *CsrfFilter) Inject(r *web.Responder, s application.Service)
Inject dependencies
type CsrfMiddleware ¶
type CsrfMiddleware struct {
// contains filtered or unexported fields
}
CsrfMiddleware is middleware which can be attached to particular action from controller to validate csrf token.
func (*CsrfMiddleware) Inject ¶
func (m *CsrfMiddleware) Inject(r *web.Responder, s application.Service)
Inject dependencies
func (*CsrfMiddleware) Secured ¶
func (m *CsrfMiddleware) Secured(action web.Action) web.Action
Secured validates csrf token by using csrf Service if controller action is wrapped with this middleware.
func (*CsrfMiddleware) SecuredHeader ¶
func (m *CsrfMiddleware) SecuredHeader(action web.Action) web.Action
SecuredHeader validates csrf token from header field by using csrf Service if controller action is wrapped with this middleware.
type CsrfTokenFormExtension ¶
type CsrfTokenFormExtension struct {
// contains filtered or unexported fields
}
CsrfTokenFormExtension is form extension which can be used in any form FormHandler when it's required.
func (*CsrfTokenFormExtension) Inject ¶
func (f *CsrfTokenFormExtension) Inject(service application.Service)
Inject dependencies
func (*CsrfTokenFormExtension) Validate ¶
func (f *CsrfTokenFormExtension) Validate(_ context.Context, req *web.Request, _ domain.ValidatorProvider, _ interface{}) (*domain.ValidationInfo, error)
Validate performs validation of the csrf token by using csrf Service.