Noah Petherbridge
2a8a1df6ab
* Initial codebase (lot of work!) * Uses vanilla Go net/http and implements by hand: session cookies backed by Redis; log in/out; CSRF protection; email verification flow; initial database models (User table)
34 lines
755 B
Go
34 lines
755 B
Go
package templates
|
|
|
|
import (
|
|
"fmt"
|
|
"html/template"
|
|
"net/http"
|
|
|
|
"git.kirsle.net/apps/gosocial/pkg/config"
|
|
"git.kirsle.net/apps/gosocial/pkg/session"
|
|
)
|
|
|
|
// TemplateFuncs available to all pages.
|
|
func TemplateFuncs(r *http.Request) template.FuncMap {
|
|
return template.FuncMap{
|
|
"InputCSRF": InputCSRF(r),
|
|
}
|
|
}
|
|
|
|
// InputCSRF returns the HTML snippet for a CSRF token hidden input field.
|
|
func InputCSRF(r *http.Request) func() template.HTML {
|
|
return func() template.HTML {
|
|
ctx := r.Context()
|
|
if token, ok := ctx.Value(session.CSRFKey).(string); ok {
|
|
return template.HTML(fmt.Sprintf(
|
|
`<input type="hidden" name="%s" value="%s">`,
|
|
config.CSRFInputName,
|
|
token,
|
|
))
|
|
} else {
|
|
return template.HTML(`[CSRF middleware error]`)
|
|
}
|
|
}
|
|
}
|