add XSRFExpire

10f4e822 · astaxie · b191e96f · 10f4e822 · 10f4e822 · 10f4e822
Commit 10f4e822 authored Aug 07, 2013 by astaxie
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 1 deletion

beego.go beego.go +2 -0

config.go config.go +3 -0

controller.go controller.go +8 -1

No files found.
--- a/beego.go
+++ b/beego.go
@@ -46,6 +46,7 @@ var (
 	ErrorsShow           bool   //set weather show errors
 	XSRFKEY              string //set XSRF
 	EnableXSRF           bool
+	XSRFExpire           int
 	CopyRequestBody      bool //When in raw application, You want to the reqeustbody
 )

@@ -76,6 +77,7 @@ func init() {
 	HttpServerTimeOut = 0
 	ErrorsShow = true
 	XSRFKEY = "beegoxsrf"
+	XSRFExpire = 60
 	ParseConfig()
 }


--- a/config.go
+++ b/config.go
@@ -195,6 +195,9 @@ func ParseConfig() (err error) {
 		if enablexsrf, err := AppConfig.Bool("enablexsrf"); err == nil {
 			EnableXSRF = enablexsrf
 		}
+		if expire, err := AppConfig.Int("xsrfexpire"); err == nil {
+			XSRFExpire = expire
+		}
 	}
 	return nil
 }
--- a/controller.go
+++ b/controller.go
@@ -35,6 +35,7 @@ type Controller struct {
 	_xsrf_token string
 	gotofunc    string
 	CruSession  session.SessionStore
+	XSRFExpire  int
 }

 type ControllerInterface interface {
@@ -353,7 +354,13 @@ func (c *Controller) XsrfToken() string {
 			fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
 			tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
 			token = base64.URLEncoding.EncodeToString([]byte(tok))
-			c.Ctx.SetCookie("_xsrf", token)
+			expire := 0
+			if c.XSRFExpire > 0 {
+				expire = c.XSRFExpire
+			} else {
+				expire = XSRFExpire
+			}
+			c.Ctx.SetCookie("_xsrf", token, expire)
 		}
 		c._xsrf_token = token
 	}