infuse/csrf

Anti-CSRF module for Infuse Framework

1.1 2017-12-16 16:12 UTC

This package is auto-updated.

Last update: 2024-11-13 08:43:37 UTC


README

Build Status Coverage Status Latest Stable Version Total Downloads HHVM Status

CSRF protection for Infuse Framework. Built on symfony/security-csrf.

Installation

  1. Install the package with composer:

    composer require infuse/csrf
    
  2. Add the services in your app's configuration:

    'services' => [
       // ...
       'csrf' => 'Infuse\Csrf\Csrf',
       'csrf_tokens' => 'Infuse\Csrf\CsrfTokens',
       // ...
    ]
  3. Add the middleware to your app:

    $app->middleware($app['csrf']);

Usage

Any POST, PUT, PATCH, and DELETE request that has the middleware installed will check for a valid CSRF token. With a line of code you can add CSRF tokens to a form (Smarty example):

<form action="/transfer" method="POST">
   {$app.csrf->render($req) nofilter}
   <!-- rest of your form... -->
</form>