README
¶
AntiXSRF for Go
Installation
Run go get resenje.org/antixsrf from command line.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // XSRFCookieName is an HTTP cookie name to store anti-XSRF token. XSRFCookieName = "secid" // XSRFHeaderName is an HTTP header name to check the token. XSRFHeaderName = "X-Secid" // XSRFFormFieldName is an HTTP form field name to check the token. XSRFFormFieldName = "secid" )
var ( ErrNoReferer = newError("antixsrf: missing referer header") ErrInvalidReferer = newError("antixsrf: invalid referer header") ErrInvalidToken = newError("antixsrf: invalid xsrf token") ErrMissingCookie = newError("antixsrf: missing xsrf cookie") ErrMissingToken = newError("antixsrf: missing xsrf token") ErrMissingHeader = newError("antixsrf: missing xsrf header") )
Errors related to invalid or missing anti-XSRF token value.
Functions ¶
func Generate ¶
func Generate(w http.ResponseWriter, r *http.Request, opts ...GenerateOption) string
Generate generates an anti-XSRF token and sets it as a cookie value.
func GenerateHandler ¶
GenerateHandler is a helper function that generates anti-XSRF cookie with default options inside a http handler middleware that can be chained with other http handlers.
Types ¶
type Error ¶
type Error struct {
// contains filtered or unexported fields
}
Error is a generic error for this package.
type GenerateOption ¶
type GenerateOption func(*GenerateOptions)
GenerateOption sets parameters defined in GenerateOptions.
func WithGenerateCookieDomain ¶ added in v0.1.1
func WithGenerateCookieDomain(domain string) GenerateOption
WithGenerateCookieDomain sets the cookie Domain.
func WithGenerateCookieMaxAge ¶
func WithGenerateCookieMaxAge(maxAge int) GenerateOption
WithGenerateCookieMaxAge sets the cookie max age value in seconds. Default is 0 which sets a session lived cookie.
func WithGenerateCookieName ¶
func WithGenerateCookieName(name string) GenerateOption
WithGenerateCookieName sets the cookie name that will be generated. Default is "secid".
func WithGenerateCookiePath ¶
func WithGenerateCookiePath(path string) GenerateOption
WithGenerateCookiePath sets the cookie path. Default is "/".
func WithGenerateForce ¶
func WithGenerateForce(force bool) GenerateOption
WithGenerateForce sets the new cookie with token even if it exists. Default is false.
type GenerateOptions ¶
type GenerateOptions struct {
// contains filtered or unexported fields
}
GenerateOptions holds optional parameters for the Generate function.
type VerifyOption ¶
type VerifyOption func(*VerifyOptions)
VerifyOption sets parameters defined in VerifyOptions.
func WithVerifyCookieName ¶
func WithVerifyCookieName(name string) VerifyOption
WithVerifyCookieName sets the cookie name to check the token. Default is "secid".
func WithVerifyFormFieldName ¶
func WithVerifyFormFieldName(name string) VerifyOption
WithVerifyFormFieldName sets the HTTP form field name to check the token. Default is "secid".
func WithVerifyHeaderName ¶
func WithVerifyHeaderName(name string) VerifyOption
WithVerifyHeaderName sets the HTTP header name to check the token. Default is "X-Secid".
type VerifyOptions ¶
type VerifyOptions struct {
// contains filtered or unexported fields
}
VerifyOptions holds optional parameters for the Generate function.
Source Files