Skip to content
This repository has been archived by the owner on Nov 5, 2018. It is now read-only.

Latest commit

 

History

History
51 lines (40 loc) · 1.91 KB

README.md

File metadata and controls

51 lines (40 loc) · 1.91 KB
Raw

CSRF - A toolset for CSRF middleware

Travis branch GitHub tag Report Card Powered By Docs License

Logic behind CSRF token creation and validation.

Inspired by pillarjs/csrf. Read Understanding-CSRF for more information on CSRF.

Install

$ go get -u github.com/omar-h/csrf

Example

This is an example of how to initiliaze and use the package:

package main

import (
        "fmt"
        
        "github.com/omar-h/csrf"
)

func main() {
        const secret = "erHUnxuhBMRIsVB1LfqmiWCgB83ZEerH"
        CSRF := csrf.New(csrf.Config{
                // Secret should persist over program restart.
                Secret: secret,
                SaltLen: 16,
        })
        
        salt := CSRF.GenerateSalt()
        token := CSRF.GenerateToken(salt)
        
        // Print the secret, a random salt and the token generated from them.
        fmt.Println("Secret: ", secret)
        fmt.Println("Salt: ", salt)
        fmt.Println("Token: ", token)
        
        // Returns true
        CSRF.Verify(token)
}

License

CSRF is licensed under the MIT License.