domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337)

Browse source 
Do a refactoring to the CSRF related code, remove most unnecessary functions.
Parse the generated token's issue time, regenerate the token every a few minutes.
This commit is contained in:
wxiaoguang 2022-04-08 13:21:05 +08:00 committed by GitHub
parent 3c3d49899f
commit 84ceaa98bd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 170 additions and 196 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/context/auth.go
View file

@ -63,7 +63,7 @@ func Toggle(options *ToggleOptions) func(ctx *Context) {
}
if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" {
Validate(ctx, ctx.csrf)
ctx.csrf.Validate(ctx)
if ctx.Written() {
return
}