Back to / xsrftoken

Package xsrftoken

Latest Go to latest

The latest major version is .

Published: Sep 26, 2018 | License: BSD-3-Clause | Module:


Package xsrftoken provides methods for generating and validating secure XSRF tokens.



const Timeout = 24 * time.Hour

Timeout is the duration for which XSRF tokens are valid. It is exported so clients may set cookie timeouts that match generated tokens.

func Generate

func Generate(key, userID, actionID string) string

Generate returns a URL-safe secure XSRF token that expires in 24 hours.

key is a secret key for your application; it must be non-empty. userID is an optional unique identifier for the user. actionID is an optional action the user is taking (e.g. POSTing to a particular path).

func Valid

func Valid(token, key, userID, actionID string) bool

Valid reports whether a token is a valid, unexpired token returned by Generate.

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier