security.go 1.3 KB

  1. package main
  2. import (
  3. "net/http"
  4. "time"
  5. prout "imuslab.com/arozos/mod/prouter"
  6. "imuslab.com/arozos/mod/security/csrf"
  7. )
  8. /*
  9. Security.go
  10. Author: tobychui
  11. This module handles the system security related functions.
  12. If you are looking for authentication or login related features, see auth.go
  13. */
  // CSRFTokenManager is the process-wide CSRF token manager. It is nil until
  // security_init assigns it.
  var CSRFTokenManager *csrf.TokenManager

  // tokenExpireTime is the CSRF token lifetime in seconds, handed to
  // csrf.NewTokenManager. A short lifetime narrows the window in which a
  // leaked token can be replayed.
  var tokenExpireTime int64 = 10

  // tokenCleaningTime is the number of seconds between sweeps of expired
  // tokens, fixed at 12 x tokenExpireTime. It has to stay positive because
  // time.NewTicker panics on a non-positive interval.
  var tokenCleaningTime = int(tokenExpireTime) * 12
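  // security_init sets up the CSRF token subsystem: it creates the shared
  // CSRFTokenManager, registers the endpoint that issues tokens, and starts a
  // background goroutine that periodically discards expired tokens.
  //
  // NOTE(review): the router is created with AdminOnly set to false, so the
  // token endpoint is not limited to administrators. Whether a logged-in
  // session is still required depends on prout and userHandler, which are not
  // visible here; confirm before relying on it.
  func security_init() {
  	// Permission router with no module restriction and no admin requirement.
  	router := prout.NewModuleRouter(prout.RouterOption{
  		ModuleName:  "",
  		AdminOnly:   false,
  		UserHandler: userHandler,
  		DeniedHandler: func(w http.ResponseWriter, r *http.Request) {
  			sendErrorResponse(w, "Permission Denied")
  		},
  	})

  	// Token lifetime is tokenExpireTime seconds (currently 10, not 30).
  	CSRFTokenManager = csrf.NewTokenManager(userHandler, tokenExpireTime)

  	// Endpoint that hands out a new CSRF token.
  	router.HandleFunc("/system/csrf/new", CSRFTokenManager.HandleNewToken)

  	// Sweep expired tokens every tokenCleaningTime seconds. The ticker is never
  	// stopped, so this goroutine lives for the rest of the process.
  	// NOTE(review): the sweep interval is longer than the token lifetime, so an
  	// expired token can remain in the store until the next sweep; verify that
  	// token validation in the csrf package checks expiry itself rather than
  	// relying on this cleanup.
  	ticker := time.NewTicker(time.Duration(tokenCleaningTime) * time.Second)
  	go func() {
  		// Ranging over the channel replaces the single-case select loop.
  		for range ticker.C {
  			CSRFTokenManager.ClearExpiredTokens()
  		}
  	}()
  }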