go-http-crumb

Go package for creating and validating (HTTP) crumbs.

Documentation

Example

The following are abbreviated code examples. Error handling has been omitted for the sake of brevity.

Simple (Encypted crumbs)

import (
       "context"
       "github.com/aaronland/go-http-crumb"
)

func main() {
	cr_uri := "encrypted://?extra=f3gKgLVX&key=&secret=oK5OFCjBsvAOrfJPnzAJqnkphkuDmyf9&separator=%3A&ttl=3600"
	cr, _ := crumb.NewCrumb(ctx, uri)
}

HTTP (Simple)

Use the crumb.EnsureCrumbHandler middleware handler to automatically generate a new crumb string for all requests and append it to any HTML output as a html/body@data-crumb attribute value.

For POST and PUT requests the (middleware) handler intercept the current handler and look for a crumb form value and validate it before continuing.

import (
       "context"
       "github.com/aaronland/go-http-crumb"
       "net/http"
)

func MyHandler() http.Handler {

	fn := func(rsp http.ResponseWriter, req *http.Request) {
		rsp.Write([]byte("Hello world"))
	}

	return http.HandlerFunc(fn)
}

func main() {

	ctx := context.Background()
	
	uri, _ := crumb.NewRandomEncryptedCrumbURI(ctx, 3600)
	cr, _ := crumb.NewCrumb(ctx, uri)

	mux := http.NewServeMux()
	
	my_handler, _ := MyHandler()
	my_handler = crumb.EnsureCrumbHandler(cr, my_handler)

	mux.Handle("/", my_handler)
}

HTTP (Doing it yourself)

import (
       "context"
       "github.com/aaronland/go-http-crumb"
       "net/http"
)

func CrumbHandler() (http.Handler, error) {

	ctx := context.Background()
	
	uri, _ := crumb.NewRandomEncryptedCrumbURI(ctx, 3600)
	cr, _ := crumb.NewCrumb(ctx, uri)

	fn := func(rsp http.ResponseWriter, req *http.Request) {

		if req.URL.Method == "GET" {
			cr_hash, _ := cr.Generate(req)
			// pass cr_hash to template
		} else {

			// read cr_hash from POST form here
			ok, _ := cr.Validate(req, cr_hash)	
		}
	}

	h := http.HandlerFunc(fn)
	return h, nil
}

Schemes

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}

For example:

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}

Parameter	Description	Required
secret	A valid AES secret for encrypting the crumb	yes
extra	A string to include when generating crumb base	yes
separator	A string to separate crumb parts with	yes
ttl	Time to live (in seconds)	yes
key	A string to prepend crumb base with. Default is to use the path of the current HTTP request	no

Name		Name	Last commit message	Last commit date
Latest commit History 30 Commits
cmd/encrypted		cmd/encrypted
vendor		vendor
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
crumb.go		crumb.go
crumb_test.go		crumb_test.go
debug.go		debug.go
debug_test.go		debug_test.go
doc.go		doc.go
encrypted.go		encrypted.go
encrypted_test.go		encrypted_test.go
error.go		error.go
error_test.go		error_test.go
go.mod		go.mod
go.sum		go.sum
http.go		http.go
http_test.go		http_test.go
sonar-project.properties		sonar-project.properties

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

go-http-crumb

Documentation

Example

Simple (Encypted crumbs)

HTTP (Simple)

HTTP (Doing it yourself)

Schemes

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}

About

Releases 19

Packages

Languages

aaronland/go-http-crumb

Folders and files

Latest commit

History

Repository files navigation

go-http-crumb

Documentation

Example

Simple (Encypted crumbs)

HTTP (Simple)

HTTP (Doing it yourself)

Schemes

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}

About

Resources

Stars

Watchers

Forks

Releases 19

Packages 0

Languages

Packages