README.md

chubbyphp-csrf

Description

A simple csrf solution based on chubbyphp/chubbyphp-session.

Requirements

• php: ~7.0
• chubbyphp/chubbyphp-error-handler: ~1.0
• chubbyphp/chubbyphp-session: ~1.0
• psr/log: ~1.0

Suggest

• pimple/pimple: ~3.0

Installation

Through Composer as chubbyphp/chubbyphp-csrf.

composer require chubbyphp/chubbyphp-csrf "~1.0"

Usage

CsrfErrorResponseMiddleware

<?php

use Chubbyphp\Csrf\CsrfErrorHandlerInterface;
use Chubbyphp\Csrf\CsrfErrorResponseMiddleware;
use Chubbyphp\Csrf\CsrfTokenGenerator;
use Chubbyphp\Session\Session;

$session = new Session();
$middleware = new CsrfErrorResponseMiddleware(
    new CsrfTokenGenerator(),
    $session,
    new class() implements CsrfErrorHandlerInterface {
        public function errorResponse(
            Request $request,
            Response $response,
            int $code,
            string $reasonPhrase
        ): Response {
            return $response->withStatus($code, $reasonPhrase);
        }
    }
);

/** @var Slim\App $app */
$app->add($middleware);

CsrfMiddleware (deprecated)

<?php

use Chubbyphp\Csrf\CsrfMiddleware;
use Chubbyphp\Csrf\CsrfTokenGenerator;
use Chubbyphp\Session\Session;

$session = new Session();
$middleware = new CsrfMiddleware(new CsrfTokenGenerator(), $session);

/** @var Slim\App $app */
$app->add($middleware);

CsrfProvider (Pimple)

<?php

namespace Chubbyphp\Csrf\CsrfProvider;
namespace Chubbyphp\Csrf\SessionProvider;
namespace Pimple\Container;

$container = new Container();
$container->register(new CsrfProvider());
$container->register(new SessionProvider());

/** @var Slim\App $app */
$app->add($container['csrf.middleware']);

CsrfTokenGenerator

<?php

use Chubbyphp\Csrf\CsrfTokenGenerator;

$generator = new CsrfTokenGenerator();

Copyright

Dominik Zogg 2016