// AuthenticityTokenFilter sets the authenticity token on the context and on the cookie func AuthenticityTokenFilter(c router.Context) error { token, err := auth.AuthenticityToken(c.Writer(), c.Request()) if err != nil { return err } c.Set(auth.SessionTokenKey, token) return nil }
// CreateAuthenticityToken returns an auth.AuthenticityToken and writes a secret to check it to the cookie func CreateAuthenticityToken(context router.Context) string { token, err := auth.AuthenticityToken(context.Writer(), context.Request()) if err != nil { context.Logf("#warn invalid authenticity token at %v", context) return "" // empty strings are invalid as tokens } return token }