zakirullin/csrf-middleware
Composer 安装命令:
composer require zakirullin/csrf-middleware
包简介
PSR-15 middleware to handle CSRF-token verification
README 文档
README
A PSR-15 middleware to automate CSRF-token verification process
Requirements
- PHP >= 7.1
- A PSR-7 http message implementation (Diactoros, Guzzle, Slim, etc...)
- A PSR-15 middleware dispatcher
Installation
This package is installable and autoloadable via Composer as zakirullin/csrf-middleware.
composer require zakirullin/csrf-middleware
PHP
$getIdentity = function (\Psr\Http\Message\ServerRequestInterface $request) { $session = $request->getAttribute('session'); return $session->get('id'); }; $dispatcher = new Dispatcher([ ... new \Zakirullin\Middlewares\CSRF($getIdentity, 'secret'), ... ]);
HTML
<form method="POST" action="/dangerous/action"> ... <input type="hidden" name="csrf" value="<?= $request->getAttribute('csrf') ?>"> ... </form>
Options
__construct( callable $getIdentity, string $secret, string $attribute = self::ATTRIBUTE, int $ttl = self::TTL, string $algorithm = self::ALGORITHM )
$getIdentity(ServerRequestInterface $request)
A callback that should return a string containing some per-user unique identity. For example - session id.
The MIT License (MIT). Please see LICENSE for more information.
统计信息
- 总下载量: 300
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 3
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2018-05-12