think-csrf

CSRF for ThinkJS 3.x

Usage no npm install needed!

<script type="module">
  import thinkCsrf from 'https://cdn.skypack.dev/think-csrf';
</script>

README

think-csrf

npm Build Status Coverage Status

CSRF for Thinkjs 3.0

Install

$ npm install think-csrf --save

How to use

config file src/config/middleware.js

const csrf = require('think-csrf');

module.exports = [{
  handle: csrf,
  options: {
    session_name: 'csrf_token',
    form_name: '_csrf',
    header_name: 'x-csrf-token'
  }
}];

Usage

ctx.csrf getter for CSRF token

Options

Name Description Default
session_name csrf token's session name 'csrf_token'
form_name request csrf token's name in body and query '_csrf'
header_name request csrf token's name in header 'x-csrf-token'
errno error status 403
errmsg error message 'invalid csrf token'