package hydra import ( "forge.cadoles.com/wpetit/hydra-webauthn/internal/config" "github.com/go-chi/chi" "github.com/gorilla/csrf" "github.com/pkg/errors" "gitlab.com/wpetit/goweb/session/gorilla" ) func Mount(r *chi.Mux, config *config.Config) error { csrfSecret, err := gorilla.GenerateRandomBytes(32) if err != nil { return errors.Wrap(err, "could not generate CSRF secret") } csrfMiddleware := csrf.Protect( csrfSecret, csrf.Secure(false), ) r.Group(func(r chi.Router) { r.Use(csrfMiddleware) r.Get("/login", serveLoginPage) r.Post("/login", handleLoginForm) r.Get("/logout", serveLogoutPage) r.Get("/consent", serveConsentPage) r.Get("/register/{token}", serveRegisterPage) r.Post("/register/{token}", handleRegisterForm) }) return nil }