// Tests that the context is cleared or not cleared properly depending on // the configuration of the router func TestKeepContext(t *testing.T) { func1 := func(w http.ResponseWriter, r *http.Request) {} r := NewRouter() r.HandleFunc("/", func1).Name("func1") req, _ := http.NewRequest("GET", "http://localhost/", nil) context.Set(req, "t", 1) res := new(http.ResponseWriter) r.ServeHTTP(*res, req) if _, ok := context.GetOk(req, "t"); ok { t.Error("Context should have been cleared at end of request") } r.KeepContext = true req, _ = http.NewRequest("GET", "http://localhost/", nil) context.Set(req, "t", 1) r.ServeHTTP(*res, req) if _, ok := context.GetOk(req, "t"); !ok { t.Error("Context should NOT have been cleared at end of request") } }
// FailureReason makes CSRF validation errors available in the request context. // This is useful when you want to log the cause of the error or report it to // client. func FailureReason(r *http.Request) error { if val, ok := context.GetOk(r, errorKey); ok { if err, ok := val.(error); ok { return err } } return nil }
// Token returns a masked CSRF token ready for passing into HTML template or // a JSON response body. An empty token will be returned if the middleware // has not been applied (which will fail subsequent validation). func Token(r *http.Request) string { if val, ok := context.GetOk(r, tokenKey); ok { if maskedToken, ok := val.(string); ok { return maskedToken } } return "" }