picgo/middleware/csrf.go

package middleware

import (
	"github.com/gorilla/csrf"
	"picgo/configs"
)

func getSecure() (secure bool) {
	if configs.Settings.Server.Environment == "dev" {
		secure = false
	} else {
		secure = true
	}
	return
}

// CsrfMiddleware 设置CSRF保护
var CsrfMiddleware = csrf.Protect(
	[]byte(configs.Settings.Server.SessionsKey),
	csrf.Secure(getSecure()), // 在开发环境中禁用HTTPS
	csrf.RequestHeader("X-CSRF-Token"),
)
[2024-08-06](UPDATE): 创建用户 2024-08-06 20:37:34 +08:00			`package middleware`

			`import (`
			`"github.com/gorilla/csrf"`
			`"picgo/configs"`
			`)`

			`func getSecure() (secure bool) {`
			`if configs.Settings.Server.Environment == "dev" {`
			`secure = false`
			`} else {`
			`secure = true`
			`}`
			`return`
			`}`

			`// CsrfMiddleware 设置CSRF保护`
			`var CsrfMiddleware = csrf.Protect(`
			`[]byte(configs.Settings.Server.SessionsKey),`
			`csrf.Secure(getSecure()), // 在开发环境中禁用HTTPS`
			`csrf.RequestHeader("X-CSRF-Token"),`
			`)`