diff options
author | r <r@freesoftwareextremist.com> | 2020-01-25 10:07:06 +0000 |
---|---|---|
committer | r <r@freesoftwareextremist.com> | 2020-01-26 06:49:29 +0000 |
commit | bf2cfaf0ede0e9744408f52538fb4bcd87a6d5b8 (patch) | |
tree | 5d3be1dfa65395bddedd2fb6f06a990c23274f00 /migrations/csrfToken | |
parent | 5fdc7a59b2efc60e35f5421e28986c356810456e (diff) | |
download | bloat-bf2cfaf0ede0e9744408f52538fb4bcd87a6d5b8.tar.gz bloat-bf2cfaf0ede0e9744408f52538fb4bcd87a6d5b8.zip |
Add CSRF protection
Diffstat (limited to 'migrations/csrfToken')
-rw-r--r-- | migrations/csrfToken/main.go | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/migrations/csrfToken/main.go b/migrations/csrfToken/main.go new file mode 100644 index 0000000..fcd49f2 --- /dev/null +++ b/migrations/csrfToken/main.go @@ -0,0 +1,79 @@ +package main + +import ( + "log" + "math/rand" + "os" + "path/filepath" + "time" + + "bloat/config" + "bloat/kv" + "bloat/repository" + "bloat/util" +) + +var ( + configFile = "bloat.conf" +) + +func init() { + rand.Seed(time.Now().Unix()) +} + +func getKeys(sessionRepoPath string) (keys []string, err error) { + f, err := os.Open(sessionRepoPath) + if err != nil { + return + } + return f.Readdirnames(0) +} + +func main() { + opts, _, err := util.Getopts(os.Args, "f:") + if err != nil { + log.Fatal(err) + } + + for _, opt := range opts { + switch opt.Option { + case 'f': + configFile = opt.Value + } + } + + config, err := config.ParseFile(configFile) + if err != nil { + log.Fatal(err) + } + + if !config.IsValid() { + log.Fatal("invalid config") + } + + sessionRepoPath := filepath.Join(config.DatabasePath, "session") + sessionDB, err := kv.NewDatabse(sessionRepoPath) + if err != nil { + log.Fatal(err) + } + + sessionRepo := repository.NewSessionRepository(sessionDB) + + sessionIds, err := getKeys(sessionRepoPath) + if err != nil { + log.Fatal(err) + } + + for _, id := range sessionIds { + s, err := sessionRepo.Get(id) + if err != nil { + log.Fatal(err) + } + s.CSRFToken = util.NewCSRFToken() + err = sessionRepo.Add(s) + if err != nil { + log.Fatal(err) + } + } + +} |