Logic behind CSRF token creation and verification.
Tiny and effective module that helps you to create and verify csrf
tokens.
Get it: npm install csrf
Sample usage:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| const Tokens = require('csrf');
/*
function Tokens() =>
name: "Tokens"
prototype: Tokens
_tokenize: function()
create: function()
secret: function()
secretSync: function()
verify: function()
*/
const tokens = new Tokens();
await tokens.secret()
//^ Something like "8SOJmA_ewWfI0g9qKbcuSvhC"
// also
const secret = tokens.secretSync()
const token = tokens.create(secret)
// verify
if (!tokens.verify(secret, token)) {
throw new Error('invalid token!')
}
|
GIF FTW!