本文整理匯總了Golang中github.com/keep94/appcommon/session_util.UserIdSession.NewXsrfToken方法的典型用法代碼示例。如果您正苦於以下問題:Golang UserIdSession.NewXsrfToken方法的具體用法?Golang UserIdSession.NewXsrfToken怎麽用?Golang UserIdSession.NewXsrfToken使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類github.com/keep94/appcommon/session_util.UserIdSession
的用法示例。
在下文中一共展示了UserIdSession.NewXsrfToken方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: TestXsrfToken
func TestXsrfToken(t *testing.T) {
s := session_util.UserIdSession{&sessions.Session{Values: make(map[interface{}]interface{})}}
s.SetUserId(kUserId)
xsrfToken := s.NewXsrfToken("MyPage", kNow.Add(15*time.Minute))
if !s.VerifyXsrfToken(xsrfToken, "MyPage", kNow.Add(14*time.Minute)) {
t.Error("Expected token to verify")
}
if s.VerifyXsrfToken(
xsrfToken, "AnotherPage", kNow.Add(14*time.Minute)) {
t.Error("Expected token not to verify. Wrong page")
}
if s.VerifyXsrfToken(xsrfToken, "MyPage", kNow.Add(15*time.Minute)) {
t.Error("Expected token not to verify. Time expired")
}
}
示例2: TestXsrfTokenNewUser
func TestXsrfTokenNewUser(t *testing.T) {
s := session_util.UserIdSession{&sessions.Session{Values: make(map[interface{}]interface{})}}
s.SetUserId(kUserId)
xsrfToken := s.NewXsrfToken("MyPage", kNow.Add(15*time.Minute))
if !s.VerifyXsrfToken(xsrfToken, "MyPage", kNow) {
t.Error("Expected token to verify")
}
s.SetUserId(kUserId + 1)
if s.VerifyXsrfToken(xsrfToken, "MyPage", kNow) {
t.Error("Expected token not to verify. Different user.")
}
s.SetUserId(kUserId)
if s.VerifyXsrfToken(xsrfToken, "MyPage", kNow) {
t.Error("Expected token not to verify. Secret should have changed.")
}
}
示例3: TestXsrfTokenHack
func TestXsrfTokenHack(t *testing.T) {
s := session_util.UserIdSession{&sessions.Session{Values: make(map[interface{}]interface{})}}
s.SetUserId(kUserId)
xsrfToken := s.NewXsrfToken("MyPage", kNow.Add(15*time.Minute))
if !s.VerifyXsrfToken(xsrfToken, "MyPage", kNow) {
t.Error("Expected token to verify")
}
if xsrfToken[10] != ':' {
t.Error("Expected field dlimiter in xsrf token")
}
xsrfExpire := xsrfToken[:10]
xsrfChecksum := xsrfToken[11:]
if s.VerifyXsrfToken("", "MyPage", kNow) {
t.Error("Missing token should not verify.")
}
if s.VerifyXsrfToken("garbage", "MyPage", kNow) {
t.Error("garbage token should not verify.")
}
if s.VerifyXsrfToken("garbage:with_field_delimiter", "MyPage", kNow) {
t.Error("garbage with field delimiter token should not verify.")
}
if s.VerifyXsrfToken(
xsrfExpire+":garbage_checksum", "MyPage", kNow) {
t.Error("token with garbage checksum should not verify.")
}
// Add one to expire in token but leave checksum the same.
expire, err := strconv.Atoi(xsrfExpire)
if err != nil {
t.Errorf("Error happened parsing timestamp %v", err)
}
regularToken := fmt.Sprintf("%d:%s", expire, xsrfChecksum)
hackedToken := fmt.Sprintf("%d:%s", expire+1, xsrfChecksum)
if !s.VerifyXsrfToken(regularToken, "MyPage", kNow) {
t.Error("Expected regular token to verify")
}
if s.VerifyXsrfToken(hackedToken, "MyPage", kNow) {
t.Error("Expected hacked token not to verify")
}
}