Diffstat (limited to '')
-rw-r--r--csrf.go27
1 files changed, 27 insertions, 0 deletions
diff --git a/csrf.go b/csrf.go
new file mode 100644
index 0000000..962a2a0
--- /dev/null
+++ b/csrf.go
@@ -0,0 +1,27 @@
+package main
+
+import (
+ "html/template"
+ "net/http"
+
+ "github.com/gorilla/csrf"
+ "github.com/gorilla/securecookie"
+)
+
+func csrfHandler(next http.Handler) http.Handler {
+ return csrf.Protect(
+ securecookie.GenerateRandomKey(32),
+ csrf.SameSite(csrf.SameSiteStrictMode),
+ csrf.FieldName("csrf.csrffield"), // should match the structure in `Csrf`
+ )(next)
+}
+
+// Csrf handles the CSRF data for a form.
+// Include it verbatim and then use `{{.CsrfField}}` in templates.
+type Csrf struct {
+ CsrfField template.HTML `form:"-"`
+}
+
+func CsrfField(r *http.Request) Csrf {
+ return Csrf{CsrfField: csrf.TemplateField(r)}
+}
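Review bot: The auth key passed to `csrf.Protect` in `csrfHandler` is created inside the function by `securecookie.GenerateRandomKey(32)`, so it changes on every process start and, if `csrfHandler` wraps more than one handler, differs between them. Tokens issued before a restart, by another instance or by a differently wrapped handler would then fail validation. `GenerateRandomKey` also returns nil when the system random source fails, and that result is passed on unchecked. Consider creating the key once (or loading a persistent 32-byte key from configuration) and checking it before use, e.g. `if csrfKey == nil { log.Fatal("csrf: cannot generate auth key") }`, then passing `csrfKey` to `csrf.Protect`. The exported `CsrfField` function also has no doc comment; `// CsrfField returns the Csrf value holding the hidden token input for r.` would fit the style used on the `Csrf` type.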