add XSRFExpire

beego.go

@@ -46,6 +46,7 @@ var (
 	ErrorsShow           bool   //set weather show errors
 	XSRFKEY              string //set XSRF
 	EnableXSRF           bool
+	XSRFExpire           int
 	CopyRequestBody      bool //When in raw application, You want to the reqeustbody
 )
 
@@ -76,6 +77,7 @@ func init() {
 	HttpServerTimeOut = 0
 	ErrorsShow = true
 	XSRFKEY = "beegoxsrf"
+	XSRFExpire = 60
 	ParseConfig()
 }
 

config.go

@@ -195,6 +195,9 @@ func ParseConfig() (err error) {
 		if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
 			EnableXSRF = enablexsrf
 		}
+		if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
+			XSRFExpire = expire
+		}
 	}
 	return nil
 }

controller.go

@@ -35,6 +35,7 @@ type Controller struct {
 	_xsrf_token string
 	gotofunc    string
 	CruSession  session.SessionStore
+	XSRFExpire  int
 }
 
 type ControllerInterface interface {
@@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
 			fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
 			tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
 			token = base64.URLEncoding.EncodeToString([]byte(tok))
-			c.Ctx.SetCookie("_xsrf", token)
+			expire := 0
+			if c.XSRFExpire > 0 {
+				expire = c.XSRFExpire
+			} else {
+				expire = XSRFExpire
+			}
+			c.Ctx.SetCookie("_xsrf", token, expire)
 		}
 		c._xsrf_token = token
 	}