added setting of csrf

2026-02-18 10:16:56 +08:00
parent b2b7cacaa6
commit 7020e16a97
2 changed files with 16 additions and 0 deletions
+14
@@ -0,0 +1,14 @@
package handlers
import (
"authentication/helper"
"net/http"
)
// CSRFToken issues a CSRF token by relying on the CSRFMiddleware
// to set the token in the response header and cookie on GET requests.
func CSRFToken(w http.ResponseWriter, r *http.Request) {
helper.RespondWithJSON(w, http.StatusOK, map[string]string{
"message": "CSRF token set",
})
}
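Review bot: `CSRFToken` sets no cache directive on a response that, per its doc comment, carries a freshly issued token in a header and a cookie, so a browser or intermediary cache may store and replay it. Add `w.Header().Set("Cache-Control", "no-store")` before the `helper.RespondWithJSON` call. The handler also answers 200 "CSRF token set" unconditionally, which is only true while the route stays behind `CSRFMiddleware`. The doc comment should state that registering the handler outside that middleware returns success without issuing any token.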
+2
@@ -18,8 +18,10 @@ func SetupRoutes(router *mux.Router, db *sql.DB) {
authRoutes.HandleFunc("/login", handlers.GoogleLogin).Methods("GET")
authRoutes.HandleFunc("/callback", handlers.GoogleCallback).Methods("GET")
authRoutes.HandleFunc("/forgot-password", handlers.ForgotPassword).Methods("GET")
csrfProtected := authRoutes.NewRoute().Subrouter()
csrfProtected.Use(middleware.CSRFMiddleware)
csrfProtected.HandleFunc("/csrf", handlers.CSRFToken).Methods("GET")
csrfProtected.HandleFunc("/refresh_token", handlers.HandleTokenRefresh).Methods("POST", "OPTIONS")
csrfProtected.HandleFunc("/logout", handlers.LogoutHandler).Methods("POST")
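Review bot: `/refresh_token` is registered for `"POST", "OPTIONS"` on the `csrfProtected` subrouter, so OPTIONS requests pass through `CSRFMiddleware` and reach `HandleTokenRefresh`. Neither is visible here, so this needs confirming: a preflight carries no CSRF token, so the middleware must let OPTIONS through without validation, and the handler must not perform a refresh on OPTIONS. `/logout` is POST-only, so the two state-changing routes also behave differently for cross-origin callers. I would add a comment above these routes such as `// CSRFMiddleware skips token validation for GET/OPTIONS; handlers must treat OPTIONS as a no-op.` once that is verified. `SetupRoutes` starts before this hunk, so the CORS setup is not visible here.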