diff --git a/middleware/csrf.go b/middleware/csrf.go index 9dbda028..9bc9261c 100644 --- a/middleware/csrf.go +++ b/middleware/csrf.go @@ -20,14 +20,14 @@ type ( // Key to create CSRF token. Secret []byte `json:"secret"` - // Lookup is a string in the form of ":" that is used to extract - // token from the request. + // TokenLookup is a string in the form of ":" that is used + // to extract token from the request. // Optional. Default value "header:X-CSRF-Token". // Possible values: // - "header:" // - "form:" // - "header:" - Lookup string `json:"lookup"` + TokenLookup string `json:"token_lookup"` // Context key to store generated CSRF token into context. // Optional. Default value "csrf". @@ -66,7 +66,7 @@ type ( var ( // DefaultCSRFConfig is the default CSRF middleware config. DefaultCSRFConfig = CSRFConfig{ - Lookup: "header:" + echo.HeaderXCSRFToken, + TokenLookup: "header:" + echo.HeaderXCSRFToken, ContextKey: "csrf", CookieName: "csrf", CookieExpires: time.Now().Add(24 * time.Hour), @@ -88,8 +88,8 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc { if config.Secret == nil { panic("csrf secret must be provided") } - if config.Lookup == "" { - config.Lookup = DefaultCSRFConfig.Lookup + if config.TokenLookup == "" { + config.TokenLookup = DefaultCSRFConfig.TokenLookup } if config.ContextKey == "" { config.ContextKey = DefaultCSRFConfig.ContextKey @@ -102,7 +102,7 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc { } // Initialize - parts := strings.Split(config.Lookup, ":") + parts := strings.Split(config.TokenLookup, ":") extractor := csrfTokenFromHeader(parts[1]) switch parts[0] { case "form": diff --git a/middleware/jwt.go b/middleware/jwt.go index 75fc759e..d8c7af28 100644 --- a/middleware/jwt.go +++ b/middleware/jwt.go @@ -25,13 +25,13 @@ type ( // Optional. Default value "user". ContextKey string `json:"context_key"` - // Lookup is a string in the form of ":" that is used to extract - // token from the request. + // TokenLookup is a string in the form of ":" that is used + // to extract token from the request. // Optional. Default value "header:Authorization". // Possible values: // - "header:" - // - "form:" - Lookup string `json:"lookup"` + // - "query:" + TokenLookup string `json:"token_lookup"` } jwtExtractor func(echo.Context) (string, error) @@ -51,7 +51,7 @@ var ( DefaultJWTConfig = JWTConfig{ SigningMethod: AlgorithmHS256, ContextKey: "user", - Lookup: "header:" + echo.HeaderAuthorization, + TokenLookup: "header:" + echo.HeaderAuthorization, } ) @@ -81,15 +81,15 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc { if config.ContextKey == "" { config.ContextKey = DefaultJWTConfig.ContextKey } - if config.Lookup == "" { - config.Lookup = DefaultJWTConfig.Lookup + if config.TokenLookup == "" { + config.TokenLookup = DefaultJWTConfig.TokenLookup } // Initialize - parts := strings.Split(config.Lookup, ":") + parts := strings.Split(config.TokenLookup, ":") extractor := jwtFromHeader(parts[1]) switch parts[0] { - case "form": + case "query": extractor = jwtFromQuery(parts[1]) }