Esempio n. 1
// startServer assembles the wcg application on top of the GAE server and
// runs it.
//
// The hooks are registered in a deliberate sequence (presumably they also run
// in registration order): favicon short-circuit, static files, session
// loading, template locals, CSRF checks on mutating methods, the route
// handlers, and finally the "after" hooks for session persistence and access
// logging.
func startServer() {
	srv := gae.NewServer()
	router := srv.Routes()

	// NOTE(review): the error from os.Getwd is discarded. On failure cwd is ""
	// and both directories below silently become relative paths. staticDir is
	// the root handed to the static-file middleware, so confirm that fallback
	// is acceptable for the deployment.
	cwd, _ := os.Getwd()
	templateDir := filepath.Join(cwd, "app/templates")
	staticDir := filepath.Join(cwd, "app/static")
	wcg.ViewConfig.BaseDir = templateDir

	// Answer favicon probes with a 404 and end the response; this hook is
	// registered ahead of the session middleware.
	rejectFavicon := func(res *wcg.Response, req *wcg.Request) {
		if req.URL().Path != "/favicon.ico" {
			return
		}
		res.WriteHeader(404)
		res.End()
	}
	router.Before(rejectFavicon)

	// Static files are registered before the session hook, so anything under
	// staticDir is presumably served without a session; keep only public
	// assets in that directory.
	router.Before(middleware.StaticFile("/static", staticDir))
	loadSession, saveSession := middleware.SessionSupport(SessionConfig)

	router.Before(loadSession)

	// Values every template can read.
	exposeSiteLocals := func(res *wcg.Response, req *wcg.Request) {
		res.SetLocal("title", AppConfig.SiteTitle)
		res.SetLocal("copyright", AppConfig.Copyright)
	}
	router.Before(exposeSiteLocals)

	// CSRF middleware is attached to POST, PUT and DELETE on every path, each
	// with its own CSRFSupport() instance.
	// NOTE(review): no other method is covered here (PATCH, for example);
	// confirm no state-changing handler is reachable through one.
	router.Post("/*", middleware.CSRFSupport())
	router.Put("/*", middleware.CSRFSupport())
	router.Delete("/*", middleware.CSRFSupport())

	// Application routes, registered after the CSRF middleware.
	configureOAuth(router)
	router.Get("/", TopHandler)
	configureBlogs(router)
	configurePosts(router)

	// The session "after" hook is registered ahead of the access log, which
	// writes to stderr.
	router.After(saveSession)
	router.After(middleware.AccessLog(os.Stderr, ""))

	srv.Run()
}
Esempio n. 2
// registerAuthHandlers installs the authentication chain on routes: a Before
// hook that resolves who is calling, the Facebook OAuth2 login, callback and
// logout endpoints, and an After hook that persists the session for
// cookie-authenticated requests.
//
// The Before hook tries API-token, cron and "ah" authentication in that order
// and returns on the first one that accepts the request. Only when all three
// decline does it fall back to session-cookie authentication, and only that
// path runs the CSRF check.
func registerAuthHandlers(routes *wcg.Router) {
	// The store factory is assigned before SessionSupport() is called;
	// presumably SessionSupport reads it when building its hooks.
	middleware.SessionConfigIni.StoreFactory = gae.GAESessionStoreFactory
	loadSession, saveSession := middleware.SessionSupport()
	fbConf := facebookConfig()
	fbLogin, fbCallback, fbValidate, fbLogout := middleware.OAuth2(fbConf)
	checkCSRF := middleware.CSRFSupport()

	// Resolve the calling user and record which mechanism authenticated it.
	resolveCaller := func(res *wcg.Response, req *wcg.Request) {
		// NOTE(review): the three early-return branches record the auth type
		// with req.SetLocal, while the cookie branch uses res.SetLocal and the
		// After hook reads res.Local. Confirm readers of LOCAL_KEY_AUTH_TYPE
		// look in the right place for each type.
		//
		// These branches also skip the CSRF check. That is only sound if each
		// handler authenticates on something a browser will not attach to a
		// cross-site request on its own; verify against their implementations.
		if apiTokenAuthHandler(res, req) {
			req.Logger.Debug("Api Token Auth: Yes")
			req.SetLocal(LOCAL_KEY_AUTH_TYPE, AUTH_TYPE_API_TOKEN)
			return
		}
		req.Logger.Debug("Api Token Auth: No")

		if cronAuthHandler(res, req) {
			req.Logger.Debug("Cron Auth: Yes")
			req.SetLocal(LOCAL_KEY_AUTH_TYPE, AUTH_TYPE_CRON)
			return
		}
		req.Logger.Debug("Cron Auth: No")

		if ahAuthHandler(res, req) {
			req.Logger.Debug("Ah Auth: Yes")
			req.SetLocal(LOCAL_KEY_AUTH_TYPE, AUTH_TYPE_AH)
			return
		}
		req.Logger.Debug("Ah Auth: No")
		req.Logger.Debug("Session Auth: Yes")

		// Cookie path: load the session first, then let the OAuth2 validator
		// run against it.
		loadSession(res, req)
		res.SetLocal(LOCAL_KEY_AUTH_TYPE, AUTH_TYPE_COOKIE)
		fbValidate(res, req)

		res.SetLocal("fb_app_id", fbConf.ClientId)
		// NOTE(review): these fields presumably originate from the identity
		// provider and may contain arbitrary text. Any template that embeds
		// "wcg_user" must escape it for the context it lands in.
		profile := map[string]interface{}{
			"id":           req.User.Id(),
			"display_name": req.User.DisplayName(),
			"image_link":   req.User.ImageLink(),
			"profile_link": req.User.ProfileLink(),
			"last_login":   req.User.LastLogin(),
			"user_kind":    GetUserKind(req),
		}
		res.SetLocal("wcg_user", util.FormatJson(profile))

		// Cookie-authenticated requests get the CSRF check on every method
		// except GET and HEAD.
		switch req.Method() {
		case "GET", "HEAD":
		default:
			checkCSRF(res, req)
		}
	}
	routes.Before(resolveCaller)

	// Authorization endpoint.
	routes.Get("/login/facebook", func(res *wcg.Response, req *wcg.Request) {
		// NOTE(review): "ref" is caller-supplied and stored without
		// validation. Whatever later reads SESSION_KEY_LOGIN_REF must restrict
		// it to a same-site destination before redirecting to it.
		if ref := req.Query("ref"); ref != "" {
			req.Session.Set(SESSION_KEY_LOGIN_REF, ref)
		}
		fbLogin(res, req)
	})
	routes.Get("/login/facebook/callback", fbCallback)
	// Logout is a POST, so on the cookie path it passes through the CSRF
	// check in the Before hook.
	routes.Post("/logout/facebook", func(res *wcg.Response, req *wcg.Request) {
		fbLogout(res, req)
		res.Redirect("/", http.StatusFound)
	})

	// Persist session data, but only for requests that used the cookie path.
	routes.After(func(res *wcg.Response, req *wcg.Request) {
		authType, isString := res.Local(LOCAL_KEY_AUTH_TYPE).(string)
		if !isString || authType != AUTH_TYPE_COOKIE {
			return
		}
		saveSession(res, req)
	})
}