TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-04 05:00:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c5b35668375bd41f0c0b385b29e6938921307ff
EdgeAdmin/internal/csrf/utils.go
GoEdgeLab 3be0275081 优化代码
2022-08-23 14:55:06 +08:00

67 lines
1.2 KiB
Go
Raw Blame History

package csrf
import (
"crypto/sha256"
"encoding/base64"
"fmt"
"github.com/TeaOSLab/EdgeAdmin/internal/configs"
"github.com/iwind/TeaGo/types"
"strconv"
"time"
)
// Generate 生成Token
func Generate() string {
timestamp := strconv.FormatInt(time.Now().Unix(), 10)
h := sha256.New()
h.Write([]byte(configs.Secret))
h.Write([]byte(timestamp))
s := h.Sum(nil)
token := base64.StdEncoding.EncodeToString([]byte(timestamp + fmt.Sprintf("%x", s)))
sharedTokenManager.Put(token)
return token
}
// Validate 校验Token
func Validate(token string) (b bool) {
if len(token) == 0 {
return
}
if !sharedTokenManager.Exists(token) {
return
}
defer func() {
sharedTokenManager.Delete(token)
}()
data, err := base64.StdEncoding.DecodeString(token)
if err != nil {
return
}
hashString := string(data)
if len(hashString) < 10+32 {
return
}
timestampString := hashString[:10]
hashString = hashString[10:]
h := sha256.New()
h.Write([]byte(configs.Secret))
h.Write([]byte(timestampString))
hashData := h.Sum(nil)
if hashString != fmt.Sprintf("%x", hashData) {
return
}
timestamp := types.Int64(timestampString)
if timestamp < time.Now().Unix()-1800 { // 有效期半个小时
return
}
return true
}
Reference in New Issue View Git Blame Copy Permalink