1Panel-dev/1Panel
1
1
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2025-10-31 11:15:58 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions
1Panel/backend/middleware/csrf.go
zhengkunwang223 6ab24989fb feat: 修改csrf作用域
2022-08-17 15:04:24 +08:00

29 lines
633 B
Go
Raw Blame History

package middleware
import (
"net/http"
"github.com/1Panel-dev/1Panel/global"
"github.com/gin-gonic/gin"
"github.com/gorilla/csrf"
adapter "github.com/gwatts/gin-adapter"
)
func CSRF() gin.HandlerFunc {
csrfMd := csrf.Protect(
[]byte(global.CONF.Csrf.Key),
csrf.Path("/api"),
csrf.ErrorHandler(http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusForbidden)
_, _ = w.Write([]byte("csrf token invalid"))
})),
)
return adapter.Wrap(csrfMd)
}
func LoadCsrfToken() gin.HandlerFunc {
return func(c *gin.Context) {
c.Header("X-CSRF-TOKEN", csrf.Token(c.Request))
}
}
Reference in a new issue View git blame Copy permalink