From 2a4fac79b1655465dd8787be0974b30ea8813a1a Mon Sep 17 00:00:00 2001 From: furu04 Date: Wed, 25 Mar 2026 09:48:22 +0900 Subject: [PATCH] =?UTF-8?q?2FA=E9=81=A9=E7=94=A8=E5=BE=8C=E3=81=ABCSRF?= =?UTF-8?q?=E3=82=A8=E3=83=A9=E3=83=BC=E3=81=AB=E3=81=AA=E3=82=8B=E4=B8=8D?= =?UTF-8?q?=E5=85=B7=E5=90=88=E3=82=92=E4=BF=AE=E6=AD=A3=E3=81=97=E3=80=81?= =?UTF-8?q?=E4=B8=8D=E8=A6=81=E3=81=AA=E5=87=A6=E7=90=86=E3=82=92=E5=89=8A?= =?UTF-8?q?=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/middleware/csrf.go | 6 ------ internal/router/router.go | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/internal/middleware/csrf.go b/internal/middleware/csrf.go index 185f891..cff464b 100644 --- a/internal/middleware/csrf.go +++ b/internal/middleware/csrf.go @@ -101,12 +101,6 @@ func CSRF(config CSRFConfig) gin.HandlerFunc { } c.Next() - - newToken, err := generateCSRFToken(config.Secret) - if err == nil { - session.Set(csrfTokenKey, newToken) - session.Save() - } } } diff --git a/internal/router/router.go b/internal/router/router.go index 3660564..7dac7c4 100644 --- a/internal/router/router.go +++ b/internal/router/router.go @@ -211,7 +211,7 @@ func Setup(cfg *config.Config) *gin.Engine { c.String(http.StatusOK, id) }) - r.GET("/login/2fa", authHandler.ShowLogin2FA) + r.GET("/login/2fa", csrfMiddleware, authHandler.ShowLogin2FA) r.POST("/login/2fa", csrfMiddleware, authHandler.Login2FA) guest := r.Group("/")