1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-29 10:51:28 +00:00
This commit is contained in:
astaxie 2013-09-28 21:36:36 +08:00
parent 1eb87c5c59
commit c4edc13413

View File

@ -326,15 +326,11 @@ func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
return "", false
}
buf := bytes.NewBufferString(val)
encoder := base64.NewDecoder(base64.StdEncoding, buf)
res, _ := ioutil.ReadAll(encoder)
res, _ := base64.URLEncoding.DecodeString(vs)
return string(res), true
}
func (c *Controller) SetSecureCookie(Secret, name, val string, age int) {
func (c *Controller) SetSecureCookie(Secret, name, val string, age int64) {
vs := base64.URLEncoding.EncodeToString([]byte(val))
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
h := hmac.New(sha1.New, []byte(Secret))
@ -348,11 +344,11 @@ func (c *Controller) XsrfToken() string {
if c._xsrf_token == "" {
token, ok := c.GetSecureCookie(XSRFKEY, "_xsrf")
if !ok {
expire := 0
var expire int64
if c.XSRFExpire > 0 {
expire = c.XSRFExpire
expire = int64(c.XSRFExpire)
} else {
expire = XSRFExpire
expire = int64(XSRFExpire)
}
token = GetRandomString(15)
c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire)
@ -379,8 +375,16 @@ func (c *Controller) CheckXsrfCookie() bool {
}
func (c *Controller) XsrfFormHtml() string {
var expire int64
if c.XSRFExpire > 0 {
expire = int64(c.XSRFExpire)
} else {
expire = int64(XSRFExpire)
}
token := GetRandomString(15)
c.SetSecureCookie(XSRFKEY, "_xsrf", token, expire)
return "<input type=\"hidden\" name=\"_xsrf\" value=\"" +
c._xsrf_token + "\"/>"
token + "\"/>"
}
func (c *Controller) GoToFunc(funcname string) {