mirror of
https://github.com/TeaOSLab/EdgeAdmin.git
synced 2025-11-04 13:10:26 +08:00
23 lines
504 B
Go
23 lines
504 B
Go
package actionutils
|
|
|
|
import (
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/csrf"
|
|
"github.com/iwind/TeaGo/actions"
|
|
"net/http"
|
|
)
|
|
|
|
type CSRF struct {
|
|
}
|
|
|
|
func (this *CSRF) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
|
|
action := actionPtr.Object()
|
|
token := action.ParamString("csrfToken")
|
|
if !csrf.Validate(token) {
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
action.WriteString("表单已失效,请刷新页面后重试(001)")
|
|
return
|
|
}
|
|
|
|
return true
|
|
}
|