Use a custom template function for csrf protection

2024-08-13 06:58:02 -04:00
parent 8bc58eedbe
commit 4cf50a7d81
5 changed files with 37 additions and 24 deletions


@@ -4,7 +4,6 @@ import (
"git.kealoha.me/lks/lenslocked/templates"
"git.kealoha.me/lks/lenslocked/views"
"net/http"
"strings"
)
type Template interface {
@@ -14,8 +13,7 @@ type Template interface {
func StaticController(templatePath ...string) http.HandlerFunc {
tpl := views.Must(views.FromFS(templates.FS, templatePath...))
var testWriter strings.Builder
err := tpl.ExecuteWriter(&testWriter, nil)
err := tpl.TestTemplate(nil)
if err != nil {
panic(err)
}
@@ -40,8 +38,7 @@ func FAQ(templatePath ...string) http.HandlerFunc {
tpl := views.Must(views.FromFS(templates.FS, templatePath...))
var testWriter strings.Builder
err := tpl.ExecuteWriter(&testWriter, nil)
err := tpl.TestTemplate(nil)
if err != nil {
panic(err)
}
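Review bot: The startup check `err := tpl.TestTemplate(nil)` followed by `panic(err)` carries no comment and is repeated verbatim in StaticController and FAQ here, and twice more in Default in the users controller. A comment above it such as `// Render once at startup so a broken template stops the process at boot instead of failing on the first request.` would make the deliberate panic clear, assuming TestTemplate still does a trial render as the removed ExecuteWriter call did. Because it is called with nil data and no request, it presumably exercises only a placeholder for the CSRF function and should not be read as proof that a token is rendered. Both function bodies continue outside the hunks.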


@@ -2,14 +2,11 @@ package controllers
import (
"fmt"
"html/template"
"net/http"
"strings"
"git.kealoha.me/lks/lenslocked/models"
"git.kealoha.me/lks/lenslocked/templates"
"git.kealoha.me/lks/lenslocked/views"
"github.com/gorilla/csrf"
)
type Users struct {
@@ -22,11 +19,9 @@ type Users struct {
func (u Users) GetSignup(w http.ResponseWriter, r *http.Request) {
var data struct {
Email string
CSRFField template.HTML
Email string
}
data.Email = r.FormValue("email")
data.CSRFField = csrf.TemplateField(r)
u.Templates.Signup.Execute(w, r, data)
}
@@ -44,11 +39,9 @@ func (u Users) PostSignup(w http.ResponseWriter, r *http.Request) {
func (u Users) GetSignin(w http.ResponseWriter, r *http.Request) {
var data struct {
Email string
CSRFField template.HTML
Email string
}
data.Email = r.FormValue("email")
data.CSRFField = csrf.TemplateField(r)
u.Templates.Signin.Execute(w, r, data)
}
func (u Users) PostSignin(w http.ResponseWriter, r *http.Request) {
@@ -97,12 +90,11 @@ func Default(user_service *models.UserService, templatePath ...string) Users {
signup_tpl := views.Must(views.FromFS(templates.FS, "signup.gohtml", "tailwind.gohtml"))
signin_tpl := views.Must(views.FromFS(templates.FS, "signin.gohtml", "tailwind.gohtml"))
var testWriter strings.Builder
err := signup_tpl.ExecuteWriter(&testWriter, nil)
err := signup_tpl.TestTemplate(nil)
if err != nil {
panic(err)
}
err = signin_tpl.ExecuteWriter(&testWriter, nil)
err = signin_tpl.TestTemplate(nil)
if err != nil {
panic(err)
}
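Review bot: With `data.CSRFField = csrf.TemplateField(r)` removed from GetSignup and GetSignin, nothing in these handlers shows that the rendered form still carries a token; that now depends on `Execute(w, r, data)` binding the template function to the request and on signup.gohtml and signin.gohtml calling it, neither of which is visible in this section. The `TestTemplate(nil)` calls in Default run without a request, so they cannot confirm it either. A handler test that renders both pages behind the CSRF middleware and asserts the hidden field is present would cover the gap. It is also worth confirming that the function returns `template.HTML`, since the `html/template` import is dropped here and a plain string would be escaped rather than emitted as an input element.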