admin/Authentication
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed csrf

Browse Source
This commit is contained in:
F04C
2026-02-18 10:33:42 +08:00
parent 7020e16a97
commit f74c84df03
3 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
handlers/access_log.go
+6 -7
View File
@@ -7,17 +7,15 @@ import (
"net/http"
)
func accessLog(w http.ResponseWriter, r *http.Request, user *string, actType int, fieldUpdated interface{}) {
func accessLog(r *http.Request, user *string, actType int, fieldUpdated interface{}) error {
email, err := helper.ExtractEmailFromToken(r.Header.Get(Authorization))
if err != nil {
helper.RespondWithError(w, http.StatusUnauthorized, UnauthorizedAccess)
return
return fmt.Errorf("%s", UnauthorizedAccess)
}
userID, err := services.GetUserIDFromEmail(email)
if err != nil {
helper.LogError(err, ErrorExtractingMailFromToken)
helper.RespondWithError(w, http.StatusBadRequest, ErrorExtractingMailFromToken)
return
return fmt.Errorf("%s", ErrorExtractingMailFromToken)
}
ipAddress := getIPAddress(r)
err = helper.LogEvent(userID, user, ipAddress, actType, fieldUpdated)
@@ -26,7 +24,8 @@ func accessLog(w http.ResponseWriter, r *http.Request, user *string, actType int
if err == nil {
errMsg = "Perform Action"
}
helper.RespondWithError(w, http.StatusInternalServerError, fmt.Sprintf("Failed to %s", errMsg))
return
return fmt.Errorf("Failed to %s", errMsg)
}
return nil
}
handlers/google_auth.go
+3 -1
View File
@@ -633,7 +633,9 @@ func LogoutHandler(w http.ResponseWriter, r *http.Request) {
helper.LogError(err, "Failed to parse JWT token during logout")
}
accessLog(w, r, nil, 18, nil)
if err := accessLog(r, nil, 18, nil); err != nil {
helper.LogError(err, "Failed to write access log during logout")
}
clearRefreshTokenCookie(w)