`prismy-csrf`

🛡️ CSRF Protection for prismy

npm i prismy-csrf

Example

import {
  prismy,
  Context,
  createInjectDecorators,
  createTextBodySelector,
  UrlEncodedBody
} from 'prismy'
import createCSRFProtection from 'prismy-csrf'
import JWTCSRFStrategy from 'prismy-csrf-strategy-jwt'
import querystring from 'querystring'

const { CSRFToken, CSRFMiddleware } = createCSRFProtection(
  new JWTCSRFStrategy({
    secret: 'RANDOM_HASH',
    tokenSelector: (context: Context) => {
      const body = createUrlEncodedBodySelector()(context)
      return body._csrf
    }
  })
)

class MyHandler extends BaseHandler {
  async handle(@CSRFToken() csrfToken: string) {
    return [
      '<!DOCTYPE html>',
      '<body>',
      '<form action="/" method="post">',
      '<input name="message">',
      `<input type="hidden" name="_csrf" value=${csrfToken}>`,
      '<button type="submit">Send</button>',
      '</form>',
      '</body>'
    ].join('')
  }
}

export default prismy([CSRFMiddleware, MyHandler])

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
specs		specs
src		src
.gitignore		.gitignore
.prettierrc		.prettierrc
.travis.yml		.travis.yml
package.json		package.json
readme.md		readme.md
tsconfig.build.json		tsconfig.build.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

`prismy-csrf`

Example

About

Releases

Packages

Languages

prismyland/prismy-csrf

Folders and files

Latest commit

History

Repository files navigation

prismy-csrf

Example

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

`prismy-csrf`

Packages