mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-12-17 05:50:25 +01:00
29 lines
581 B
JavaScript
29 lines
581 B
JavaScript
'use strict';
|
|
|
|
const { csrfSync } = require('csrf-sync');
|
|
|
|
const {
|
|
generateToken,
|
|
csrfSynchronisedProtection,
|
|
isRequestValid,
|
|
} = csrfSync({
|
|
getTokenFromRequest: (req) => {
|
|
if (req.headers['x-csrf-token']) {
|
|
return req.headers['x-csrf-token'];
|
|
} else if (req.body && req.body.csrf_token) {
|
|
return req.body.csrf_token;
|
|
} else if (req.body && req.body._csrf) {
|
|
return req.body._csrf;
|
|
} else if (req.query && req.query._csrf) {
|
|
return req.query._csrf;
|
|
}
|
|
},
|
|
size: 64,
|
|
});
|
|
|
|
module.exports = {
|
|
generateToken,
|
|
csrfSynchronisedProtection,
|
|
isRequestValid,
|
|
};
|