v1

2025-06-13 17:23:16 +08:00
parent 3150ba80bc
commit 1b72f51e4a
55 changed files with 3894 additions and 310 deletions
--- a/internal/pkg/mid/csrf.go
+++ b/internal/pkg/mid/csrf.go
@@ -0,0 +1,22 @@
+package mid
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/justinas/nosurf"
+)
+
+func NoSurf(next http.Handler) http.Handler {
+	return nosurf.New(next)
+}
+
+func NoSurfContext(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		token := nosurf.Token(r)
+
+		ctx := setCsrfToken(r.Context(), token)
+		ctx = setHtmlCsrfToken(ctx, fmt.Sprintf(`<input type="hidden" name="csrf_token" value="%s" />`, token))
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}