Do you think it would be more educational to use http://stackoverflow.com/a/23259804 as an example of generating a hashed password and then comparing the password provided by the ChitChat user to the previously hashed password here (https://github.com/sausheong/gwp/blob/master/Chapter_2_Go_ChitChat/chitchat/route_auth.go#L48)?
Another suggestion: could you add CSRF protection to the ChitChat example, or at least address it in the book somewhere (preferably a session-based one: the CSRF token from the form's POST value or the HTTP request's CSRF header value has to match the CSRF token in the session store)?
This way basic security protection is covered.