1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-26 05:01:28 +00:00

add XSRFExpire

This commit is contained in:
astaxie 2013-08-07 11:22:23 +08:00
parent b191e96f51
commit 10f4e822c3
3 changed files with 13 additions and 1 deletions

View File

@ -46,6 +46,7 @@ var (
ErrorsShow bool //set weather show errors
XSRFKEY string //set XSRF
EnableXSRF bool
XSRFExpire int
CopyRequestBody bool //When in raw application, You want to the reqeustbody
)
@ -76,6 +77,7 @@ func init() {
HttpServerTimeOut = 0
ErrorsShow = true
XSRFKEY = "beegoxsrf"
XSRFExpire = 60
ParseConfig()
}

View File

@ -195,6 +195,9 @@ func ParseConfig() (err error) {
if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
EnableXSRF = enablexsrf
}
if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
XSRFExpire = expire
}
}
return nil
}

View File

@ -35,6 +35,7 @@ type Controller struct {
_xsrf_token string
gotofunc string
CruSession session.SessionStore
XSRFExpire int
}
type ControllerInterface interface {
@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
token = base64.URLEncoding.EncodeToString([]byte(tok))
c.Ctx.SetCookie("_xsrf", token)
expire := 0
if c.XSRFExpire > 0 {
expire = c.XSRFExpire
} else {
expire = XSRFExpire
}
c.Ctx.SetCookie("_xsrf", token, expire)
}
c._xsrf_token = token
}