forked from oal/beego-pongo2
/
tags_xsrftoken.go
35 lines (27 loc) · 964 Bytes
/
tags_xsrftoken.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
package pongo2
import (
"bytes"
"github.com/astaxie/beego"
p2 "gopkg.in/flosch/pongo2.v3"
)
var xsrfTemplate = p2.Must(p2.FromString(`<input type="hidden" name="_xsrf" value="{{ _xsrf }}">`))
type tagXSRFTokenNode struct{}
func (node *tagXSRFTokenNode) Execute(ctx *p2.ExecutionContext, buffer *bytes.Buffer) *p2.Error {
if !beego.EnableXSRF {
return nil
}
xsrftoken := ctx.Public["_xsrf"]
err := xsrfTemplate.ExecuteWriter(p2.Context{"_xsrf": xsrftoken}, buffer)
if err != nil {
return err.(*p2.Error)
}
return nil
}
// tagXSRFParser implements a {% xsrftoken %} tag that inserts <input type="hidden" name="_xsrf" value="{{ _xsrf }}">
// just like Django's {% csrftoken %}. Note that we follow Beego's convention by using "XSRF" and not "CSRF".
func tagXSRFParser(doc *p2.Parser, start *p2.Token, arguments *p2.Parser) (p2.INodeTag, *p2.Error) {
return &tagXSRFTokenNode{}, nil
}
func init() {
p2.RegisterTag("xsrftoken", tagXSRFParser)
}