2FA適用後にCSRFエラーになる不具合を修正し、不要な処理を削除

2026-03-25 09:48:22 +09:00
parent 1113477111
commit 2a4fac79b1
2 changed files with 1 additions and 7 deletions
--- a/internal/middleware/csrf.go
+++ b/internal/middleware/csrf.go
@@ -101,12 +101,6 @@ func CSRF(config CSRFConfig) gin.HandlerFunc {
 		}

 		c.Next()
-
-		newToken, err := generateCSRFToken(config.Secret)
-		if err == nil {
-			session.Set(csrfTokenKey, newToken)
-			session.Save()
-		}
 	}
 }

--- a/internal/router/router.go
+++ b/internal/router/router.go
@@ -211,7 +211,7 @@ func Setup(cfg *config.Config) *gin.Engine {
 		c.String(http.StatusOK, id)
 	})

-	r.GET("/login/2fa", authHandler.ShowLogin2FA)
+	r.GET("/login/2fa", csrfMiddleware, authHandler.ShowLogin2FA)
 	r.POST("/login/2fa", csrfMiddleware, authHandler.Login2FA)

 	guest := r.Group("/")