mirror of
https://github.com/astaxie/beego.git
synced 2024-12-23 03:40:49 +00:00
add XSRFExpire
This commit is contained in:
parent
b191e96f51
commit
10f4e822c3
2
beego.go
2
beego.go
@ -46,6 +46,7 @@ var (
|
||||
ErrorsShow bool //set weather show errors
|
||||
XSRFKEY string //set XSRF
|
||||
EnableXSRF bool
|
||||
XSRFExpire int
|
||||
CopyRequestBody bool //When in raw application, You want to the reqeustbody
|
||||
)
|
||||
|
||||
@ -76,6 +77,7 @@ func init() {
|
||||
HttpServerTimeOut = 0
|
||||
ErrorsShow = true
|
||||
XSRFKEY = "beegoxsrf"
|
||||
XSRFExpire = 60
|
||||
ParseConfig()
|
||||
}
|
||||
|
||||
|
@ -195,6 +195,9 @@ func ParseConfig() (err error) {
|
||||
if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
|
||||
EnableXSRF = enablexsrf
|
||||
}
|
||||
if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
|
||||
XSRFExpire = expire
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
@ -35,6 +35,7 @@ type Controller struct {
|
||||
_xsrf_token string
|
||||
gotofunc string
|
||||
CruSession session.SessionStore
|
||||
XSRFExpire int
|
||||
}
|
||||
|
||||
type ControllerInterface interface {
|
||||
@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
|
||||
fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
|
||||
tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
|
||||
token = base64.URLEncoding.EncodeToString([]byte(tok))
|
||||
c.Ctx.SetCookie("_xsrf", token)
|
||||
expire := 0
|
||||
if c.XSRFExpire > 0 {
|
||||
expire = c.XSRFExpire
|
||||
} else {
|
||||
expire = XSRFExpire
|
||||
}
|
||||
c.Ctx.SetCookie("_xsrf", token, expire)
|
||||
}
|
||||
c._xsrf_token = token
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user