lbsadmin/Beego
1
0
Fork 0
mirror of https://github.com/astaxie/beego.git synced 2024-11-25 22:31:28 +00:00
Code Issues Releases Activity

fix #230

Browse Source
This commit is contained in:
astaxie 2013-09-28 21:36:36 +08:00
parent 1eb87c5c59
commit c4edc13413
1 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
controller.go
View File

@ -326,15 +326,11 @@ func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
if fmt.Sprintf("%02x", h.Sum(nil)) != sig { if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
return "", false return "", false
} }
res, _ := base64.URLEncoding.DecodeString(vs)
buf := bytes.NewBufferString(val)
encoder := base64.NewDecoder(base64.StdEncoding, buf)
res, _ := ioutil.ReadAll(encoder)
return string(res), true return string(res), true
} }
func (c *Controller) SetSecureCookie(Secret, name, val string, age int) { func (c *Controller) SetSecureCookie(Secret, name, val string, age int64) {
vs := base64.URLEncoding.EncodeToString([]byte(val)) vs := base64.URLEncoding.EncodeToString([]byte(val))
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10) timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
h := hmac.New(sha1.New, []byte(Secret)) h := hmac.New(sha1.New, []byte(Secret))
@ -348,11 +344,11 @@ func (c *Controller) XsrfToken() string {
if c._xsrf_token == "" { if c._xsrf_token == "" {
token, ok := c.GetSecureCookie(XSRFKEY, "_xsrf") token, ok := c.GetSecureCookie(XSRFKEY, "_xsrf")
if !ok { if !ok {
expire := 0 var expire int64
if c.XSRFExpire > 0 { if c.XSRFExpire > 0 {
expire = c.XSRFExpire expire = int64(c.XSRFExpire)
} else { } else {
expire = XSRFExpire expire = int64(XSRFExpire)
} }
token = GetRandomString(15) token = GetRandomString(15)
c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire) c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire)
@ -379,8 +375,16 @@ func (c *Controller) CheckXsrfCookie() bool {
} }
func (c *Controller) XsrfFormHtml() string { func (c *Controller) XsrfFormHtml() string {
var expire int64
if c.XSRFExpire > 0 {
expire = int64(c.XSRFExpire)
} else {
expire = int64(XSRFExpire)
}
token := GetRandomString(15)
c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire)
return "<input type=\"hidden\" name=\"_xsrf\" value=\"" + return "<input type=\"hidden\" name=\"_xsrf\" value=\"" +
c._xsrf_token + "\"/>" token + "\"/>"
} }
func (c *Controller) GoToFunc(funcname string) { func (c *Controller) GoToFunc(funcname string) {