csrf

package

v0.1.23 Latest Latest Go to latest Published: Apr 10, 2025 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dormoron/mist

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func New(options ...func(*Config)) mist.Middleware
func WithCookieDomain(domain string) func(*Config)
func WithCookieMaxAge(maxAge time.Duration) func(*Config)
func WithCookieName(name string) func(*Config)
func WithCookiePath(path string) func(*Config)
func WithCookieSecure(secure bool) func(*Config)
func WithErrorHandler(handler func(ctx *mist.Context, err error)) func(*Config)
func WithFormField(field string) func(*Config)
func WithHeaderName(name string) func(*Config)
func WithIgnoreMethods(methods []string) func(*Config)
func WithTokenLength(length int) func(*Config)
type Config

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrTokenNotFound 表示请求中未找到CSRF令牌
	ErrTokenNotFound = errors.New("CSRF token not found in request")
	// ErrTokenInvalid 表示请求中的CSRF令牌无效
	ErrTokenInvalid = errors.New("CSRF token invalid")
)

Functions ¶

func New ¶

func New(options ...func(*Config)) mist.Middleware

New 创建新的CSRF保护中间件

func WithCookieDomain ¶

func WithCookieDomain(domain string) func(*Config)

WithCookieDomain 设置cookie域

func WithCookieMaxAge ¶

func WithCookieMaxAge(maxAge time.Duration) func(*Config)

WithCookieMaxAge 设置cookie最大存活时间

func WithCookieName ¶

func WithCookieName(name string) func(*Config)

WithCookieName 设置cookie名称

func WithCookiePath ¶

func WithCookiePath(path string) func(*Config)

WithCookiePath 设置cookie路径

func WithCookieSecure ¶

func WithCookieSecure(secure bool) func(*Config)

WithCookieSecure 设置cookie是否仅HTTPS

func WithErrorHandler ¶

func WithErrorHandler(handler func(ctx *mist.Context, err error)) func(*Config)

WithErrorHandler 设置自定义错误处理

func WithFormField ¶

func WithFormField(field string) func(*Config)

WithFormField 设置表单字段名称

func WithHeaderName ¶

func WithHeaderName(name string) func(*Config)

WithHeaderName 设置CSRF头名称

func WithIgnoreMethods ¶

func WithIgnoreMethods(methods []string) func(*Config)

WithIgnoreMethods 设置忽略的HTTP方法

func WithTokenLength ¶

func WithTokenLength(length int) func(*Config)

提供配置选项函数 WithTokenLength 设置令牌长度

Types ¶

type Config ¶

type Config struct {
	// TokenLength 令牌长度，默认32字节
	TokenLength int
	// CookieName CSRF cookie名称，默认为"_csrf"
	CookieName string
	// CookiePath cookie路径，默认为"/"
	CookiePath string
	// CookieDomain cookie的域，可选
	CookieDomain string
	// CookieMaxAge cookie最大存活时间，默认为24小时
	CookieMaxAge time.Duration
	// CookieSecure 是否仅通过HTTPS发送cookie，默认为false
	CookieSecure bool
	// CookieHTTPOnly 是否禁止JavaScript访问cookie，默认为true
	CookieHTTPOnly bool
	// CookieSameSite SameSite属性，默认为Lax
	CookieSameSite http.SameSite
	// HeaderName 请求中CSRF头名称，默认为"X-CSRF-Token"
	HeaderName string
	// FormField 表单中CSRF字段名称，默认为"csrf_token"
	FormField string
	// ErrorHandler 自定义错误处理
	ErrorHandler func(ctx *mist.Context, err error)
	// IgnoreMethods 忽略的HTTP方法（默认忽略GET, HEAD, OPTIONS, TRACE）
	IgnoreMethods []string
}

Config 配置CSRF保护

Source Files ¶

View all Source files

csrf.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL