primary logic behind csrf tokens
Logic behind CSRF token creation and verification. Read Understanding-CSRF for more information on CSRF. Use this module to create custom CSRF middleware and what not.
$ npm install csrf
var csrf = require'csrf'optionsvar secret = csrfsecretSyncvar token = csrfcreatesecretvar valid = csrfverifysecret token
secretLength: 24- the byte length of the secret key
saltLength: 8- the string length of the salt
tokensize: (secret, salt) => token- a custom token creation function
Asynchronously create a new
secret of length
cb is not defined, a promise is returned.
You don't have to use this.
Synchronous version of
Create a CSRF token based on a
This is the token you pass to clients.
Check whether a CSRF token is valid based on a
If it's not valid, you should probably throw a