Skip to content

trekjs/csrf

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

trek-csrf

CSRF Tokens Middleware for Trek.js

Installation

$ npm install trek-csrf --save

Examples

'use strict'

const Engine = require('trek-engine')
const sessions = require('trek-sessions')
const bodyParser = require('trek-body-parser')
const csrf = require('trek-csrf')

async function start () {
  const app = new Engine()

  app.use(sessions())

  app.use(bodyParser())

  app.use(csrf())

  app.use(ctx => {
    ctx.res.body = ctx.store.get('csrf')
  })

  app.on('error', (err, ctx) => {
    console.log(err)
  })

  app.run(3000)
}

start().catch(console.log)

API

csrf({
  key: 'csrf',
  tokenLookup: 'header:X-CSRF-Token',
  ignoreMethods: ['GET', 'HEAD', 'OPTIONS', 'TRACE'],
  // https://github.com/pillarjs/csrf#new-tokensoptions
  tokenOptions: undefined
})

Badges

Build Status codecov


fundon.me  ·  GitHub @fundon  ·  Twitter @_fundon