Documentation
¶
Index ¶
Constants ¶
View Source
const ( // CSRFTokenHeader is the name of the header used to send the CSRF token in requests. //nolint:gosec // really? CSRFTokenHeader = "X-Krb-Csrf-Token" SessionCookieName = "session" RefreshCookieName = "refresh" CSRFCookieName = "csrf" )
Variables ¶
This section is empty.
Functions ¶
func CORSMiddleware ¶
CORSMiddleware is a middleware that adds CORS headers to the response. TODO: implement whitelist support for allowed origins.
func CSRFMiddleware ¶
CSRFMiddleware is an HTTP middleware that checks for the presence of a valid CSRF token in requests. It should be used for all endpoints that modify state (e.g., POST, PUT, DELETE).
func GetCSRFToken ¶
GetCSRFToken generates a new CSRF token and returns it as an HTTP cookie.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.