Skip to content

dederobert/duskphp-middleware

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DuskPHP - Middleware

Build Status Coverage Status

Provide middleware:

  • a CSRF authenticator which protect against CSRF attack with a token authentication

How to use

  • ## CSRF Authenticator How to use it ?

This middleware check every POST, PUT and DELETE request for a CSRF token.

$middleware = new CsrfMiddleware($_SESSION, 200);
$dispatcher->pipe($middleware);

Input

The middleware check if the string <:csrf_token_field:> is in response and replace it with the authenticator's token.

<form action="" method="post">
   ...
   <:csrf_token_field:>
</form>

LICENSE

DuskPHP - A simple PHP framework build with middleware pattern

Copyright (C) 2017 HovenSoft

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see www.gnu.org/licenses.