💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › e5cf1e2fc8bd700256fedac33d… captured on 2024-02-05 at 09:44:59. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

Go Back

0 package csrf

1

2 import (

3 "gemigit/db"

4

5 "crypto/rand"

6 "github.com/pitr/gig"

7 )

8

9 var tokens = map[string]string{}

10

11 const characters = "abcdefghijklmnopqrstuvwxyz0123456789"

12 func randomString(n int) string {

13 var random [1024]byte

14 if n > 1024 { return "" }

15 b := make([]byte, n)

16 rand.Read(random[:n])

17 for i := range b {

18 b[i] = characters[int64(random[i]) % int64(len(characters))]

19 }

20 return string(b)

21 }

22

23 func New(c gig.Context) error {

24 sig := c.CertHash()

25 exist := false

26 if sig != "" { _, exist = db.GetUser(sig) }

27 if !exist { return c.NoContent(gig.StatusRedirectTemporary, "/") }

28 token := randomString(16)

29 tokens[sig] = token

30 return c.NoContent(gig.StatusRedirectTemporary,

31 "/account/" + token + "/")

32 }

33

34 func Verify(sig string, c gig.Context) (string, error) {

35 token, exist := tokens[sig]

36 if exist { _, exist = db.GetUser(sig) }

37 if !exist || token != c.Param("csrf") { return "/", nil }

38 return "", nil

39 }

40

41 func Token(sig string) string {

42 return tokens[sig]

43 }

44