use/csrf
2
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions
csrf/auth_check.go
risotto 78f9e9b3f1 pull out of older repos
2025-01-12 04:40:15 -07:00

29 lines
905 B
Go
Raw Permalink Blame History

package csrf
import (
"crypto/md5"
"fmt"
"strconv"
"time"
)
// authenticated routes
// compare two. possibly change this into middleware?
func (c CSRF) AuthCheck(userID string, routeName string, givenToken string) bool {
minfactor := strconv.Itoa(time.Now().Hour())
minfactor_1 := strconv.Itoa(time.Now().Hour() - 1)
comp := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor)))
comp2 := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor_1)))
// comp := sha256.New()
// comp.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour())))
// be charitable:
//comp2 := sha256.New()
//comp2.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour()-1)))
if comp == givenToken {
return true
}
// second comparison for last hour:
return comp2 == givenToken
//return fmt.Sprintf("%x", comp2.Sum(nil)) == givenToken
}
Reference in a new issue View git blame Copy permalink