csrf/auth_check.go

package csrf

import (
	"crypto/md5"
	"fmt"
	"strconv"
	"time"
)

// authenticated routes

// compare two. possibly change this into middleware?
func (c CSRF) AuthCheck(userID string, routeName string, givenToken string) bool {
	minfactor := strconv.Itoa(time.Now().Hour())
	minfactor_1 := strconv.Itoa(time.Now().Hour() - 1)
	comp := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor)))
	comp2 := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor_1)))
	// comp := sha256.New()
	// comp.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour())))
	// be charitable:
	//comp2 := sha256.New()
	//comp2.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour()-1)))
	if comp == givenToken {
		return true
	}
	// second comparison for last hour:
	return comp2 == givenToken
	//return fmt.Sprintf("%x", comp2.Sum(nil)) == givenToken
}
pull out of older repos 2025-01-12 11:40:15 +00:00			`package csrf`

			`import (`
			`"crypto/md5"`
			`"fmt"`
			`"strconv"`
			`"time"`
			`)`

			`// authenticated routes`

			`// compare two. possibly change this into middleware?`
			`func (c CSRF) AuthCheck(userID string, routeName string, givenToken string) bool {`
			`minfactor := strconv.Itoa(time.Now().Hour())`
			`minfactor_1 := strconv.Itoa(time.Now().Hour() - 1)`
			`comp := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor)))`
			`comp2 := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor_1)))`
			`// comp := sha256.New()`
			`// comp.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour())))`
			`// be charitable:`
			`//comp2 := sha256.New()`
			`//comp2.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour()-1)))`
			`if comp == givenToken {`
			`return true`
			`}`
			`// second comparison for last hour:`
			`return comp2 == givenToken`
			`//return fmt.Sprintf("%x", comp2.Sum(nil)) == givenToken`
			`}`