mirror of
https://github.com/astaxie/beego.git
synced 2024-11-29 19:01:29 +00:00
add XSRFExpire
This commit is contained in:
parent
b191e96f51
commit
10f4e822c3
2
beego.go
2
beego.go
@ -46,6 +46,7 @@ var (
|
|||||||
ErrorsShow bool //set weather show errors
|
ErrorsShow bool //set weather show errors
|
||||||
XSRFKEY string //set XSRF
|
XSRFKEY string //set XSRF
|
||||||
EnableXSRF bool
|
EnableXSRF bool
|
||||||
|
XSRFExpire int
|
||||||
CopyRequestBody bool //When in raw application, You want to the reqeustbody
|
CopyRequestBody bool //When in raw application, You want to the reqeustbody
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -76,6 +77,7 @@ func init() {
|
|||||||
HttpServerTimeOut = 0
|
HttpServerTimeOut = 0
|
||||||
ErrorsShow = true
|
ErrorsShow = true
|
||||||
XSRFKEY = "beegoxsrf"
|
XSRFKEY = "beegoxsrf"
|
||||||
|
XSRFExpire = 60
|
||||||
ParseConfig()
|
ParseConfig()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -195,6 +195,9 @@ func ParseConfig() (err error) {
|
|||||||
if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
|
if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
|
||||||
EnableXSRF = enablexsrf
|
EnableXSRF = enablexsrf
|
||||||
}
|
}
|
||||||
|
if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
|
||||||
|
XSRFExpire = expire
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -35,6 +35,7 @@ type Controller struct {
|
|||||||
_xsrf_token string
|
_xsrf_token string
|
||||||
gotofunc string
|
gotofunc string
|
||||||
CruSession session.SessionStore
|
CruSession session.SessionStore
|
||||||
|
XSRFExpire int
|
||||||
}
|
}
|
||||||
|
|
||||||
type ControllerInterface interface {
|
type ControllerInterface interface {
|
||||||
@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
|
|||||||
fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
|
fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
|
||||||
tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
|
tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
|
||||||
token = base64.URLEncoding.EncodeToString([]byte(tok))
|
token = base64.URLEncoding.EncodeToString([]byte(tok))
|
||||||
c.Ctx.SetCookie("_xsrf", token)
|
expire := 0
|
||||||
|
if c.XSRFExpire > 0 {
|
||||||
|
expire = c.XSRFExpire
|
||||||
|
} else {
|
||||||
|
expire = XSRFExpire
|
||||||
|
}
|
||||||
|
c.Ctx.SetCookie("_xsrf", token, expire)
|
||||||
}
|
}
|
||||||
c._xsrf_token = token
|
c._xsrf_token = token
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user