mirror of
https://github.com/1Panel-dev/1Panel.git
synced 2024-09-20 15:45:57 +08:00
30 lines
641 B
Go
30 lines
641 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/1Panel-dev/1Panel/backend/global"
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/gorilla/csrf"
|
|
adapter "github.com/gwatts/gin-adapter"
|
|
)
|
|
|
|
func CSRF() gin.HandlerFunc {
|
|
csrfMd := csrf.Protect(
|
|
[]byte(global.CONF.Csrf.Key),
|
|
csrf.Path("/api"),
|
|
csrf.ErrorHandler(http.HandlerFunc(
|
|
func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(http.StatusForbidden)
|
|
_, _ = w.Write([]byte("csrf token invalid"))
|
|
})),
|
|
)
|
|
return adapter.Wrap(csrfMd)
|
|
}
|
|
|
|
func LoadCsrfToken() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Header("X-CSRF-TOKEN", csrf.Token(c.Request))
|
|
}
|
|
}
|