Minor fix in jwt and csrf middleware

Signed-off-by: Vishal Rana <vr@labstack.com>
2025-03-29 21:56:53 +02:00 · 2016-05-26 19:23:46 -07:00 · 2016-05-26 19:23:46 -07:00 · dc244c173d
commit dc244c173d
parent 7e52ad4dd5
2 changed files with 16 additions and 16 deletions
--- a/middleware/csrf.go
+++ b/middleware/csrf.go
@ -20,14 +20,14 @@ type (
 		// Key to create CSRF token.
 		Secret []byte `json:"secret"`
-		// Lookup is a string in the form of "<source>:<key>" that is used to extract
+		// TokenLookup is a string in the form of "<source>:<key>" that is used
-		// token from the request.
+		// to extract token from the request.
 		// Optional. Default value "header:X-CSRF-Token".
 		// Possible values:
 		// - "header:<name>"
 		// - "form:<name>"
 		// - "header:<name>"
-		Lookup string `json:"lookup"`
+		TokenLookup string `json:"token_lookup"`
 		// Context key to store generated CSRF token into context.
 		// Optional. Default value "csrf".
@ -66,7 +66,7 @@ type (
 var (
 	// DefaultCSRFConfig is the default CSRF middleware config.
 	DefaultCSRFConfig = CSRFConfig{
-		Lookup:        "header:" + echo.HeaderXCSRFToken,
+		TokenLookup:   "header:" + echo.HeaderXCSRFToken,
 		ContextKey:    "csrf",
 		CookieName:    "csrf",
 		CookieExpires: time.Now().Add(24 * time.Hour),
@ -88,8 +88,8 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
 	if config.Secret == nil {
 		panic("csrf secret must be provided")
 	}
-	if config.Lookup == "" {
+	if config.TokenLookup == "" {
-		config.Lookup = DefaultCSRFConfig.Lookup
+		config.TokenLookup = DefaultCSRFConfig.TokenLookup
 	}
 	if config.ContextKey == "" {
 		config.ContextKey = DefaultCSRFConfig.ContextKey
@ -102,7 +102,7 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
 	}
 	// Initialize
-	parts := strings.Split(config.Lookup, ":")
+	parts := strings.Split(config.TokenLookup, ":")
 	extractor := csrfTokenFromHeader(parts[1])
 	switch parts[0] {
 	case "form":
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@ -25,13 +25,13 @@ type (
 		// Optional. Default value "user".
 		ContextKey string `json:"context_key"`
-		// Lookup is a string in the form of "<source>:<key>" that is used to extract
+		// TokenLookup is a string in the form of "<source>:<name>" that is used
-		// token from the request.
+		// to extract token from the request.
 		// Optional. Default value "header:Authorization".
 		// Possible values:
 		// - "header:<name>"
-		// - "form:<name>"
+		// - "query:<name>"
-		Lookup string `json:"lookup"`
+		TokenLookup string `json:"token_lookup"`
 	}
 	jwtExtractor func(echo.Context) (string, error)
@ -51,7 +51,7 @@ var (
 	DefaultJWTConfig = JWTConfig{
 		SigningMethod: AlgorithmHS256,
 		ContextKey:    "user",
-		Lookup:        "header:" + echo.HeaderAuthorization,
+		TokenLookup:   "header:" + echo.HeaderAuthorization,
 	}
 )
@ -81,15 +81,15 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 	if config.ContextKey == "" {
 		config.ContextKey = DefaultJWTConfig.ContextKey
 	}
-	if config.Lookup == "" {
+	if config.TokenLookup == "" {
-		config.Lookup = DefaultJWTConfig.Lookup
+		config.TokenLookup = DefaultJWTConfig.TokenLookup
 	}
 	// Initialize
-	parts := strings.Split(config.Lookup, ":")
+	parts := strings.Split(config.TokenLookup, ":")
 	extractor := jwtFromHeader(parts[1])
 	switch parts[0] {
-	case "form":
+	case "query":
 		extractor = jwtFromQuery(parts[1])
 	}