timur-flush/sofa-csrf

The library is designed to be soft csrf protection in Phalcon application.

Maintainers

Details

github.com/TimurFlush/sofa-csrf

Source

Issues

Installs: 33

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.0 2018-07-09 03:14 UTC

Requires

  • php: ^7.2.0
  • ext-phalcon: ^3.3.0

BSD-3-Clause 2da060fb4984867429471f8b41afcf49eafcf778

  • flush02 <flush02.woop@tutanota.com>

This package is auto-updated.

Last update: 2024-04-15 00:00:13 UTC

README

The library is designed to be soft csrf protection in Phalcon application.

Attention please

The token is permanent within the current session. Even if the token is entered incorrectly, it is not updated within the current session.

Using

//in Dependency Injection
$di->setShared(
    'csrf',
    function() {
        //The variable must store the value of interface \Phalcon\Session\AdapterInterface
        $sessionAdapter = $this->getSession();
        
        return new \TimurFlush\SofaCsrf\Protection($sessionAdapter);
    }
);

//in form
class form extends \Phalcon\Form
{
    public function initialize()
    {
        $csrf = new Hidden('csrf_token');
        $csrf->addValidator(
            new \TimurFlush\SofaCsrf\Validator\Csrf(
                [
                    'message' => 'Invalid csrf. Try again!'
                    //option 'cancelOnFail' is already installed
                ]
            )
        );
    }
}

License

BSD-3-Clause

Version

2.0.0-B1

Author

Timur Flush

E-mail: flush02@tutanota.com

Telegram: @flush02