GoWeb/internal/middleware/csrf.go

22 lines
499 B
Go
Raw Permalink Normal View History

package middleware
import (
"GoWeb/security"
"log/slog"
"net/http"
)
2023-08-03 17:11:01 +00:00
// Csrf validates the CSRF token and returns the handler function if it succeeded
2023-07-23 04:37:38 +00:00
func Csrf(f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
_, err := security.VerifyCsrfToken(r)
if err != nil {
slog.Info("error verifying csrf token")
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
f(w, r)
}
}