README

CSRF protection for Infuse Framework. Built on symfony/security-csrf.

Installation

1. Install the package with composer:

   composer require infuse/csrf
   

2. Add the services in your app's configuration:

   'services' => [
      // ...
      'csrf' => 'Infuse\Csrf\Csrf',
      'csrf_tokens' => 'Infuse\Csrf\CsrfTokens',
      // ...
   ]

3. Add the middleware to your app:

   $app->middleware($app['csrf']);

Usage

Any POST, PUT, PATCH, and DELETE request that has the middleware installed will check for a valid CSRF token. With a line of code you can add CSRF tokens to a form (Smarty example):

<form action="/transfer" method="POST">
   {$app.csrf->render($req) nofilter}
   <!-- rest of your form... -->
</form>