func (l *Log) Filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
now := time2.Now()
chain(req, resp)
cost := time2.Now().Sub(now)
l.log.Info(log.M{
"method": req.ReqMethod(),
"url": req.URL().String(),
"remote": req.RemoteAddr(),
"userAgent": req.GetHeader(zerver.HEADER_USERAGENT),
"cost": cost.String(),
"statusCode": resp.StatusCode(0),
})
}
func (x *Xsrf) VerifyFor(req zerver.Request) bool {
m := req.Method()
if !x.FilterGet && (m == "GET" || m == "HEAD" || m == "OPTIONS") {
return true
}
token := req.Header(_HEADER_XSRFTOKEN)
if token == "" {
token = req.Header(_HEADER_CSRFTOKEN)
if token == "" {
token = req.Param(_XSRF_PARAM_NAME)
if token == "" {
return false
}
}
}
data := x.verify(unsafe2.Bytes(token))
if data != nil {
x.Pool.Put(data)
t, ip, agent := x.TokenInfo.Unmarshal(data)
return t != -1 &&
t+x.Timeout >= time2.Now().Unix() &&
ip == req.RemoteIP() &&
agent == req.UserAgent()
}
return false
}
func (x *Xsrf) VerifyFor(req zerver.Request) bool {
m := req.ReqMethod()
if !x.FilterGet && (m == zerver.METHOD_GET || m == zerver.METHOD_HEAD || m == zerver.METHOD_OPTIONS) {
return true
}
token := req.GetHeader(_HEADER_XSRFTOKEN)
if token == "" {
token = req.GetHeader(_HEADER_CSRFTOKEN)
if token == "" {
token = req.Vars().QueryVar(_XSRF_PARAM_NAME)
if token == "" {
return false
}
}
}
data := x.verify(unsafe2.Bytes(token))
if data != nil {
x.Pool.Put(data)
t, ip := x.TokenInfo.Unmarshal(data)
return t != -1 &&
t+x.Timeout >= time2.Now().Unix() &&
ip == http2.IpOfAddr(req.RemoteAddr())
}
return false
}
func (x *Xsrf) CreateFor(req zerver.Request) ([]byte, error) {
bs, err := x.TokenInfo.Marshal(time2.Now().Unix(), req.RemoteIP(), req.UserAgent())
if err == nil {
return x.sign(bs), nil
}
return nil, err
}
func (x *Xsrf) CreateFor(req zerver.Request) ([]byte, error) {
bs, err := x.TokenInfo.Marshal(time2.Now().Unix(), http2.IpOfAddr(req.RemoteAddr()))
if err == nil {
return x.sign(bs), nil
}
return nil, err
}
// newSessionId generate new session id different from exists
func (sm *sessionManager) newSessionId() string {
sm.lock.Lock()
for {
id := strconv.Itoa(int(time2.Now().UnixNano() / 10))
if _, has := sm.sessions[id]; !has && !sm.store.IsExist(id) {
sm.lock.Unlock()
return id
}
}
}
func (l *Log) Filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
if l.CountTime {
now := time2.Now()
chain(req, resp)
cost := time2.Now().Sub(now)
l.logger.Infoln(
cost.String(),
resp.Status(),
req.Method(),
req.URL().Path,
req.RemoteIP(),
req.UserAgent())
} else {
chain(req, resp)
l.logger.Infoln(
resp.Status(),
req.Method(),
req.URL().Path,
req.RemoteIP(),
req.UserAgent())
}
}
func (c *Cipher) Decode(b []byte) ([]byte, error) {
if len(b) < c.hdrLen {
return nil, ErrBadKey
}
deadline := binary.BigEndian.Uint64(b[c.sigLen:c.hdrLen])
if c.ttl != 0 && uint64(time2.Now().Unix()) > deadline {
return nil, ErrExpiredKey
}
data := b[c.hdrLen:]
encData := c.encrypt(deadline, data)
if !bytes.Equal(encData, b) {
return nil, ErrInvalidSignature
}
return data, nil
}
func (c *Cipher) Decode(str []byte) ([]byte, error) {
hdrLen := c.sigLen + c.timestampLen
if len(str) < hdrLen {
return nil, ErrBadKey
}
tm := binary.BigEndian.Uint64(str[c.sigLen:])
if c.ttl != 0 && uint64(time2.Now().UnixNano()) > tm {
return nil, ErrExpiredKey
}
data := str[hdrLen:]
sig := c.encrypt(tm, data)
if !bytes.Equal(sig, str) {
return nil, ErrInvalidSignature
}
return data, nil
}
func (c *Cipher) Encode(b []byte) []byte {
deadline := uint64(time2.Now().Add(c.ttl).Unix())
return c.encrypt(deadline, b)
}
func (c *Cipher) Encode(str []byte) []byte {
n := uint64(time2.Now().Add(c.ttl).UnixNano())
return c.encrypt(n, str)
}
func (d *DB) timingString(dur time.Duration) string {
return time2.Now().Add(dur).Format(d.timeFormat)
}
