nonshy
/
website
1
0
Fork 1
Code Issues 20 Pull Requests Packages Projects Releases Wiki Activity

Fix panic on CSRF middleware failure

pull/12/head
Noah 2022-09-26 19:46:05 -07:00
parent d66ba92f55
commit 6dcb0c66e8
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/router/router.go
View File

@ -86,9 +86,9 @@ func New() http.Handler {
mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(config.StaticPath)))) mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(config.StaticPath))))
// Global middlewares. // Global middlewares.
withSession := middleware.Session(mux) withCSRF := middleware.CSRF(mux)
withCSRF := middleware.CSRF(withSession) withSession := middleware.Session(withCSRF)
withRecovery := middleware.Recovery(withCSRF) withRecovery := middleware.Recovery(withSession)
withLogger := middleware.Logging(withRecovery) withLogger := middleware.Logging(withRecovery)
return withLogger return withLogger
} }

4
pkg/session/session.go
View File

@ -195,6 +195,10 @@ func ImpersonateUser(w http.ResponseWriter, r *http.Request, u *models.User, imp
// Impersonated returns if the current session has an impersonator. // Impersonated returns if the current session has an impersonator.
func Impersonated(r *http.Request) bool { func Impersonated(r *http.Request) bool {
sess := Get(r) sess := Get(r)
if sess == nil {
return false
}
return sess.Impersonator > 0 return sess.Impersonator > 0
} }