Documentation
Constants
This section is empty.
Variables
var (
	ErrEmptyToken   = errors.New("empty CSRF token")
	ErrInvalidToken = errors.New("invalid CSRF token")
)
Functions
func Check
Check accepts a masked token to compare with the one on the given context. If the tokens match then it returns nil.
func IsNew
IsNew returns true if the CSRF data on the given context has either been newly created or renewed.
func MaskedToken
MaskedToken returns the CSRF token on the given context, masked with a fresh one-time pad on every call.
The returned token therefore looks different each time the function is called, but always produces the same value when XORed with the key, which is prepended to the data as the first half of the byte slice.
The masking exists purely to help mitigate attacks such as BREACH; a new CSRF token should still be generated on events like auth changes.
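The masking scheme described for MaskedToken, sketched as an added example (not this package's code). The helper names mask, unmask and check are hypothetical, the token value is a constructed sample, and the constant-time comparison is an assumption about how a verifier should compare the unmasked value.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Hypothetical names for illustration; not the package's API.
var errInvalid = errors.New("invalid CSRF token")

// mask returns pad || (pad XOR token), drawing a fresh random pad on every call.
func mask(token []byte) ([]byte, error) {
	out := make([]byte, 2*len(token))
	pad, data := out[:len(token)], out[len(token):]
	if _, err := rand.Read(pad); err != nil {
		return nil, err
	}
	for i := range token {
		data[i] = pad[i] ^ token[i]
	}
	return out, nil
}

// unmask XORs the first half (the pad) with the second half (the masked data).
func unmask(masked []byte) []byte {
	n := len(masked) / 2
	token := make([]byte, n)
	for i := range token {
		token[i] = masked[i] ^ masked[n+i]
	}
	return token
}

// check rejects empty or odd-length input, then compares in constant time.
func check(masked, secret []byte) error {
	if len(masked) == 0 || len(masked)%2 != 0 ||
		subtle.ConstantTimeCompare(unmask(masked), secret) != 1 {
		return errInvalid
	}
	return nil
}

func main() {
	secret := []byte("constructed-sample-token-32bytes") // constructed sample value
	a, _ := mask(secret)
	fmt.Printf("%x %v\n", a, check(a, secret))
}
```

Because the pad changes on every call, the bytes placed in a response body differ each time even though the underlying token does not, which is the property the BREACH mitigation relies on.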
func RenewToken
RenewToken generates a new CSRF token and replaces it on the given context.
Types
This section is empty.