2023-07-21 16:59:01 +00:00
|
|
|
package middleware
|
|
|
|
|
|
|
|
import (
|
|
|
|
"GoWeb/security"
|
|
|
|
"log"
|
|
|
|
"net/http"
|
|
|
|
)
|
|
|
|
|
2023-07-23 04:37:38 +00:00
|
|
|
// Csrf validates the CSRF token and returns the handler function if it succeded
|
|
|
|
func Csrf(f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
|
2023-07-21 16:59:01 +00:00
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
_, err := security.VerifyCsrfToken(r)
|
|
|
|
if err != nil {
|
|
|
|
log.Println("Error verifying csrf token")
|
|
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
f(w, r)
|
|
|
|
}
|
|
|
|
}
|