blob: fd73c0d06298bdc56e3123f3fd28678b147728a2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
package csrf
import (
"html/template"
"net/http"
"github.com/a-h/templ"
"github.com/gorilla/csrf"
"github.com/gorilla/securecookie"
)
func Handler() func(http.Handler) http.Handler {
return csrf.Protect(
securecookie.GenerateRandomKey(32),
csrf.SameSite(csrf.SameSiteStrictMode),
csrf.FieldName("csrffield.field"), // should match the structure in `Csrf`
)
}
// CsrfField handles the CSRF data for a form.
// Include it verbatim and then use `{{.CsrfField}}` in templates.
type CsrfField struct {
field template.HTML `form:"-" schema:"-"`
}
func (c *CsrfField) SetCsrfField(r *http.Request) {
c.field = csrf.TemplateField(r)
}
func (c *CsrfField) Csrf() templ.Component {
return templ.Raw(c.field)
}
type Enabled interface {
SetCsrfField(r *http.Request)
}
|