From feb5a2b1cdc28e084d01acbb9b7322c999f13fc9 Mon Sep 17 00:00:00 2001
From: claude-zq
Date: Mon, 29 Jul 2024 11:52:34 +0800
Subject: [PATCH 1/2] fix: fix misuse of switch

---
 middleware/csrf/custom_errorfunc/main.go | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/middleware/csrf/custom_errorfunc/main.go b/middleware/csrf/custom_errorfunc/main.go
index 1be6481c..46422763 100644
--- a/middleware/csrf/custom_errorfunc/main.go
+++ b/middleware/csrf/custom_errorfunc/main.go
@@ -41,13 +41,16 @@ var (
 // myErrFunc is executed when an error occurs in csrf middleware.
 func myErrFunc(_ context.Context, ctx *app.RequestContext) {
 err := ctx.Errors.Last()
- switch err {
- case errMissingForm, errMissingParam, errMissingHeader, errMissingQuery:
+ if err == nil {
+ return
+ }
+
+ if errors.Is(err, errMissingForm) || errors.Is(err, errMissingParam) || errors.Is(err, errMissingHeader) || errors.Is(err, errMissingQuery) {
 ctx.String(http.StatusBadRequest, err.Error()) // extract csrf-token failed
- case errMissingSalt:
+ } else if errors.Is(err, errMissingSalt) {
 fmt.Println(err.Error())
- ctx.String(http.StatusInternalServerError, err.Error()) // get salt failed,which is unexpected
- case errInvalidToken:
+ ctx.String(http.StatusInternalServerError, err.Error()) // get salt failed, which is unexpected
+ } else if errors.Is(err, errInvalidToken) {
 ctx.String(http.StatusBadRequest, err.Error()) // csrf-token is invalid
 }
 ctx.Abort()
From 4d5ac18b05ad7eea78efc2b4e66e20fa223d0316 Mon Sep 17 00:00:00 2001
From: claude-zq
Date: Tue, 30 Jul 2024 12:14:38 +0800
Subject: [PATCH 2/2] fix: use switch type

---
 middleware/csrf/custom_errorfunc/main.go | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/middleware/csrf/custom_errorfunc/main.go b/middleware/csrf/custom_errorfunc/main.go
index 46422763..f4557e75 100644
--- a/middleware/csrf/custom_errorfunc/main.go
+++ b/middleware/csrf/custom_errorfunc/main.go
@@ -45,14 +45,21 @@ func myErrFunc(_ context.Context, ctx *app.RequestContext) {
 return
 }
 
- if errors.Is(err, errMissingForm) || errors.Is(err, errMissingParam) || errors.Is(err, errMissingHeader) || errors.Is(err, errMissingQuery) {
- ctx.String(http.StatusBadRequest, err.Error()) // extract csrf-token failed
- } else if errors.Is(err, errMissingSalt) {
- fmt.Println(err.Error())
- ctx.String(http.StatusInternalServerError, err.Error()) // get salt failed, which is unexpected
- } else if errors.Is(err, errInvalidToken) {
- ctx.String(http.StatusBadRequest, err.Error()) // csrf-token is invalid
+ switch err.Err.(type) {
+ case error:
+ switch {
+ case errors.Is(err, errMissingForm), errors.Is(err, errMissingParam), errors.Is(err, errMissingHeader), errors.Is(err, errMissingQuery):
+ ctx.String(http.StatusBadRequest, err.Error()) // extract csrf-token failed
+ case errors.Is(err, errMissingSalt):
+ fmt.Println(err.Error())
+ ctx.String(http.StatusInternalServerError, err.Error()) // get salt failed, which is unexpected
+ case errors.Is(err, errInvalidToken):
+ ctx.String(http.StatusBadRequest, err.Error()) // csrf-token is invalid
+ default:
+ ctx.String(http.StatusInternalServerError, "Unknown error") // handle unknown errors
+ }
 }
+
 ctx.Abort()
 }
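Review bot: The `errors.Is(err, errMissingForm)` … `errors.Is(err, errInvalidToken)` cases only match if those sentinels are the very values the csrf middleware attached to the request; the first patch's hunk header shows a `var (` block just above `myErrFunc`, so if they are re-declared there with `errors.New`, the identity comparison never succeeds and every CSRF failure falls into `default` as a 500 "Unknown error" (the same holds for the `errors.Is` chain introduced in PATCH 1/2). This should be confirmed against the middleware's own error values before the 400/500 split is relied on for client handling or monitoring. Separately, the outer `switch err.Err.(type) { case error:` matches any non-nil value and adds nothing, and when `err.Err` is nil no status is written before `ctx.Abort()`, so the inner `switch { ... }` could stand on its own. The `errMissingSalt` branch also returns `err.Error()` to the client for what its comment calls an unexpected server-side condition; a generic body, with the detail kept in the server log, would avoid exposing it. `myErrFunc` begins above this hunk.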