Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ConfigDefault = Config{ KeyLookup: "header:X-Csrf-Token", CookieName: "csrf_", CookieSameSite: "Strict", Expiration: 1 * time.Hour, KeyGenerator: utils.UUID, }
ConfigDefault is the default config
Functions ¶
Types ¶
type Config ¶
type Config struct { // Next defines a function to skip this middleware when returned true. // // Optional. Default: nil Next func(c *fiber.Ctx) bool // KeyLookup is a string in the form of "<source>:<key>" that is used // to extract token from the request. // Possible values: // - "header:<name>" // - "query:<name>" // - "param:<name>" // - "form:<name>" // - "cookie:<name>" // // Optional. Default: "header:X-CSRF-Token" KeyLookup string // Name of the session cookie. This cookie will store session key. // Optional. Default value "_csrf". CookieName string // Domain of the CSRF cookie. // Optional. Default value "". CookieDomain string // Path of the CSRF cookie. // Optional. Default value "". CookiePath string // Indicates if CSRF cookie is secure. // Optional. Default value false. CookieSecure bool // Indicates if CSRF cookie is HTTP only. // Optional. Default value false. CookieHTTPOnly bool // Indicates if CSRF cookie is HTTP only. // Optional. Default value "Strict". CookieSameSite string // Expiration is the duration before csrf token will expire // // Optional. Default: 1 * time.Hour Expiration time.Duration // Store is used to store the state of the middleware // // Optional. Default: memory.New() Storage fiber.Storage // Context key to store generated CSRF token into context. // If left empty, token will not be stored in context. // // Optional. Default: "" ContextKey string // KeyGenerator creates a new CSRF token // // Optional. Default: utils.UUID KeyGenerator func() string // Deprecated, please use Expiration CookieExpires time.Duration // Deprecated, please use Cookie* related fields Cookie *fiber.Cookie // Deprecated, please use KeyLookup TokenLookup string }
Config defines the config for middleware.
Click to show internal directories.
Click to hide internal directories.