add XSRFExpire

2024-11-22 18:50:54 +00:00 · 2013-08-07 11:22:23 +08:00 · 2013-08-07 11:22:23 +08:00 · 10f4e822c3
commit 10f4e822c3
parent b191e96f51
3 changed files with 13 additions and 1 deletions
--- a/beego.go
+++ b/beego.go
@ -46,6 +46,7 @@ var (
 	ErrorsShow           bool   //set weather show errors
 	XSRFKEY              string //set XSRF
 	EnableXSRF           bool
+	XSRFExpire           int
 	CopyRequestBody      bool //When in raw application, You want to the reqeustbody
 )

@ -76,6 +77,7 @@ func init() {
 	HttpServerTimeOut = 0
 	ErrorsShow = true
 	XSRFKEY = "beegoxsrf"
+	XSRFExpire = 60
 	ParseConfig()
 }

--- a/config.go
+++ b/config.go
@ -195,6 +195,9 @@ func ParseConfig() (err error) {
 		if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
 			EnableXSRF = enablexsrf
 		}
+		if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
+			XSRFExpire = expire
+		}
 	}
 	return nil
 }
--- a/controller.go
+++ b/controller.go
@ -35,6 +35,7 @@ type Controller struct {
 	_xsrf_token string
 	gotofunc    string
 	CruSession  session.SessionStore
+	XSRFExpire  int
 }

 type ControllerInterface interface {
@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
 			fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
 			tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
 			token = base64.URLEncoding.EncodeToString([]byte(tok))
-			c.Ctx.SetCookie("_xsrf", token)
+			expire := 0
+			if c.XSRFExpire > 0 {
+				expire = c.XSRFExpire
+			} else {
+				expire = XSRFExpire
+			}
+			c.Ctx.SetCookie("_xsrf", token, expire)
 		}
 		c._xsrf_token = token
 	}