Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // DefaultCSRFConfig is the default CSRF middleware config. DefaultCSRFConfig = CSRFConfig{ TokenLength: 32, TokenLookup: "header:" + cnst.HeaderXCSRFToken, ContextKey: "csrf", CookieName: "_csrf", CookieMaxAge: 86400, } )
Functions ¶
func CSRFWithConfig ¶
func CSRFWithConfig(config CSRFConfig) gin.HandlerFunc
CSRFWithConfig returns a CSRF middleware with config.
func SetUp ¶
func SetUp() gin.HandlerFunc
CSRF returns a Cross-Site Request Forgery (CSRF) middleware.
Types ¶
type CSRFConfig ¶
type CSRFConfig struct {
// TokenLength is the length of the generated token.
TokenLength uint8 `yaml:"token_length"`
// TokenLookup is a string in the form of "<source>:<key>" that is used
// to extract token from the request.
// Optional. Default value "header:X-CSRF-Token".
// Possible values:
// - "header:<name>"
// - "form:<name>"
// - "query:<name>"
TokenLookup string `yaml:"token_lookup"`
// Context key to store generated CSRF token into context.
// Optional. Default value "csrf".
ContextKey string `yaml:"context_key"`
// Name of the CSRF cookie. This cookie will store CSRF token.
// Optional. Default value "csrf".
CookieName string `yaml:"cookie_name"`
// Domain of the CSRF cookie.
// Optional. Default value none.
CookieDomain string `yaml:"cookie_domain"`
// Path of the CSRF cookie.
// Optional. Default value none.
CookiePath string `yaml:"cookie_path"`
// Max age (in seconds) of the CSRF cookie.
// Optional. Default value 86400 (24hr).
CookieMaxAge int `yaml:"cookie_max_age"`
// Indicates if CSRF cookie is secure.
// Optional. Default value false.
CookieSecure bool `yaml:"cookie_secure"`
// Indicates if CSRF cookie is HTTP only.
// Optional. Default value false.
CookieHTTPOnly bool `yaml:"cookie_http_only"`
}
CSRFConfig defines the config for CSRF middleware.
Source Files
Click to show internal directories.
Click to hide internal directories.