Noodles, Poodles and More!
    Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

    seasurfpublic

    seasurf

    CSRF session middleware.

    Installation

    $ npm install seasurf
    

    Usage

    var seasurf = require('seasurf');
     
    // All paths past this point have access to the csrfToken method 
    app.use(seasurf({
      // see Options 
    });

    Options

    paths: Array of leading pathnames to enforce CSRF tokens on (with an enforced method). Defaults to all paths.

    methods: Array of HTTP method names to enforce CSRF tokens on (with an enforced path). Defaults to all methods.

    session: Name of the key pointing to session data. Defaults to 'session'.

    token(req, res): Function returning the CSRF token from a request. Defaults to the value of the X-CSRF-Token header.

    unverified(req, res): Function called when a CSRF token cannot be verified. Defaults to an empty response with status 403.

    License

    Released under the terms of the MIT license. See LICENSE.

    Keywords

    install

    npm i seasurf

    Downloadsweekly downloads

    5

    version

    0.1.0

    license

    MIT

    repository

    github.com

    last publish

    collaborators

    • avatar