rainbownapkin/canopy
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions

Protected socket.io connection with csrf-sync to prevent cross-site connections.

Browse source
This commit is contained in:
rainbow napkin 2024-12-29 23:06:11 -05:00
parent 6c379321f7
commit 4a865e8aa8
3 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/utils/csrfUtils.js
View file

@ -21,9 +21,11 @@ const { csrfSync } = require('csrf-sync');
const {errorHandler} = require('./loggerUtils');
//Pull needed methods from csrfSync
const {generateToken, revokeToken, csrfSynchronisedProtection} = csrfSync();
const {generateToken, revokeToken, csrfSynchronisedProtection, isRequestValid} = csrfSync();
//Export them per csrfSync documentation
//if nothing else it's nice syntactic sugar to not have to run the method again
module.exports.generateToken = generateToken;
module.exports.revokeToken = revokeToken;
module.exports.csrfSynchronisedProtection = csrfSynchronisedProtection;
module.exports.csrfSynchronisedProtection = csrfSynchronisedProtection;
module.exports.isRequestValid = isRequestValid;