28 lines
770 B
Go
28 lines
770 B
Go
package csrf
|
|
|
|
import (
|
|
"crypto/md5"
|
|
"fmt"
|
|
"strconv"
|
|
"time"
|
|
)
|
|
|
|
// guest routes
|
|
func (c CSRF) UnauthCheck(routename string, givenToken string) bool {
|
|
//comp := sha256.New()
|
|
minfactor := strconv.Itoa(time.Now().Minute() / 10)
|
|
minfactor_1 := strconv.Itoa((time.Now().Minute() / 10) - 1)
|
|
comp := fmt.Sprintf("%x", md5.Sum([]byte(routename+c.CSRFKey+minfactor)))
|
|
//comp.Write([]byte(routename + CSRFKey + minfactor))
|
|
// be charitable:
|
|
comp2 := fmt.Sprintf("%x", md5.Sum([]byte(routename+c.CSRFKey+minfactor_1)))
|
|
// comp2 := sha256.New()
|
|
// comp2.Write([]byte(routename + CSRFKey + minfactor_1))
|
|
if comp == givenToken {
|
|
return true
|
|
}
|
|
// second comparison for last hour:
|
|
return comp2 == givenToken
|
|
//return fmt.Sprintf("%x", comp2.Sum(nil)) == givenToken
|
|
|
|
}
|