mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-05-08 14:36:13 +00:00
10ebc6cbdc
* Implement CSRF protection and security hardening across the application - Added CSRF token handling in axios requests and HTML templates. - Introduced CSRF middleware to validate tokens for unsafe HTTP methods. - Implemented login limiter to prevent brute-force attacks. - Enhanced security headers in middleware for improved response security. - Updated login notification to include safe metadata without passwords. - Added tests for CSRF middleware and login limiter functionality. * fix
14 lines
261 B
Go
14 lines
261 B
Go
package service
|
|
|
|
import (
|
|
"reflect"
|
|
"testing"
|
|
)
|
|
|
|
func TestLoginAttemptDoesNotCarryPassword(t *testing.T) {
|
|
typ := reflect.TypeOf(LoginAttempt{})
|
|
if _, ok := typ.FieldByName("Password"); ok {
|
|
t.Fatal("LoginAttempt must not carry attempted passwords")
|
|
}
|
|
}
|