// AuthenticityTokenFilter sets the authenticity token on the context and on the cookie
func AuthenticityTokenFilter(c router.Context) error {
token, err := auth.AuthenticityToken(c.Writer(), c.Request())
if err != nil {
return err
}
c.Set(auth.SessionTokenKey, token)
return nil
}
// CreateAuthenticityToken returns an auth.AuthenticityToken and writes a secret to check it to the cookie
func CreateAuthenticityToken(context router.Context) string {
token, err := auth.AuthenticityToken(context.Writer(), context.Request())
if err != nil {
context.Logf("#warn invalid authenticity token at %v", context)
return "" // empty strings are invalid as tokens
}
return token
}
