mirror of
https://github.com/astaxie/beego.git
synced 2024-11-25 02:40:54 +00:00
move SetSecureCookie / GetSecureCookie to *context.Context and alias in Controller
This commit is contained in:
parent
03037170e1
commit
7f5fb871de
@ -1,7 +1,14 @@
|
|||||||
package context
|
package context
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/hmac"
|
||||||
|
"crypto/sha1"
|
||||||
|
"encoding/base64"
|
||||||
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/astaxie/beego/middleware"
|
"github.com/astaxie/beego/middleware"
|
||||||
)
|
)
|
||||||
@ -59,3 +66,41 @@ func (ctx *Context) GetCookie(key string) string {
|
|||||||
func (ctx *Context) SetCookie(name string, value string, others ...interface{}) {
|
func (ctx *Context) SetCookie(name string, value string, others ...interface{}) {
|
||||||
ctx.Output.Cookie(name, value, others...)
|
ctx.Output.Cookie(name, value, others...)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get secure cookie from request by a given key.
|
||||||
|
func (ctx *Context) GetSecureCookie(Secret, key string) (string, bool) {
|
||||||
|
val := ctx.Input.Cookie(key)
|
||||||
|
if val == "" {
|
||||||
|
return "", false
|
||||||
|
}
|
||||||
|
|
||||||
|
parts := strings.SplitN(val, "|", 3)
|
||||||
|
|
||||||
|
if len(parts) != 3 {
|
||||||
|
return "", false
|
||||||
|
}
|
||||||
|
|
||||||
|
vs := parts[0]
|
||||||
|
timestamp := parts[1]
|
||||||
|
sig := parts[2]
|
||||||
|
|
||||||
|
h := hmac.New(sha1.New, []byte(Secret))
|
||||||
|
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
||||||
|
|
||||||
|
if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
|
||||||
|
return "", false
|
||||||
|
}
|
||||||
|
res, _ := base64.URLEncoding.DecodeString(vs)
|
||||||
|
return string(res), true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Set Secure cookie for response.
|
||||||
|
func (ctx *Context) SetSecureCookie(Secret, name, value string, others ...interface{}) {
|
||||||
|
vs := base64.URLEncoding.EncodeToString([]byte(value))
|
||||||
|
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
|
||||||
|
h := hmac.New(sha1.New, []byte(Secret))
|
||||||
|
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
||||||
|
sig := fmt.Sprintf("%02x", h.Sum(nil))
|
||||||
|
cookie := strings.Join([]string{vs, timestamp, sig}, "|")
|
||||||
|
ctx.Output.Cookie(name, cookie, others...)
|
||||||
|
}
|
||||||
|
@ -2,11 +2,7 @@ package beego
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"crypto/hmac"
|
|
||||||
"crypto/sha1"
|
|
||||||
"encoding/base64"
|
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
|
||||||
"html/template"
|
"html/template"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
@ -17,7 +13,6 @@ import (
|
|||||||
"reflect"
|
"reflect"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/astaxie/beego/context"
|
"github.com/astaxie/beego/context"
|
||||||
"github.com/astaxie/beego/session"
|
"github.com/astaxie/beego/session"
|
||||||
@ -415,40 +410,12 @@ func (c *Controller) IsAjax() bool {
|
|||||||
|
|
||||||
// GetSecureCookie returns decoded cookie value from encoded browser cookie values.
|
// GetSecureCookie returns decoded cookie value from encoded browser cookie values.
|
||||||
func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
|
func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
|
||||||
val := c.Ctx.GetCookie(key)
|
return c.Ctx.GetSecureCookie(Secret, key)
|
||||||
if val == "" {
|
|
||||||
return "", false
|
|
||||||
}
|
|
||||||
|
|
||||||
parts := strings.SplitN(val, "|", 3)
|
|
||||||
|
|
||||||
if len(parts) != 3 {
|
|
||||||
return "", false
|
|
||||||
}
|
|
||||||
|
|
||||||
vs := parts[0]
|
|
||||||
timestamp := parts[1]
|
|
||||||
sig := parts[2]
|
|
||||||
|
|
||||||
h := hmac.New(sha1.New, []byte(Secret))
|
|
||||||
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
|
||||||
|
|
||||||
if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
|
|
||||||
return "", false
|
|
||||||
}
|
|
||||||
res, _ := base64.URLEncoding.DecodeString(vs)
|
|
||||||
return string(res), true
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetSecureCookie puts value into cookie after encoded the value.
|
// SetSecureCookie puts value into cookie after encoded the value.
|
||||||
func (c *Controller) SetSecureCookie(Secret, name, val string, age int64) {
|
func (c *Controller) SetSecureCookie(Secret, name, value string, others ...interface{}) {
|
||||||
vs := base64.URLEncoding.EncodeToString([]byte(val))
|
c.Ctx.SetSecureCookie(Secret, name, value, others...)
|
||||||
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
|
|
||||||
h := hmac.New(sha1.New, []byte(Secret))
|
|
||||||
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
|
||||||
sig := fmt.Sprintf("%02x", h.Sum(nil))
|
|
||||||
cookie := strings.Join([]string{vs, timestamp, sig}, "|")
|
|
||||||
c.Ctx.SetCookie(name, cookie, age, "/")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// XsrfToken creates a xsrf token string and returns.
|
// XsrfToken creates a xsrf token string and returns.
|
||||||
|
Loading…
Reference in New Issue
Block a user