Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

there also add a csrftrait to share parmater name bettewn view injection and csrfmiddleware #69

Closed
wants to merge 2 commits into from
Closed

there also add a csrftrait to share parmater name bettewn view injection and csrfmiddleware #69

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
119bc63
Create CsrfTrait
TiaNex-Com Oct 6, 2024
0f9fda1
Update CsrfMiddleware.php
TiaNex-Com Oct 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 5 additions & 30 deletions src/CsrfMiddleware.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
use Psr\Http\Server\RequestHandlerInterface;
use Yiisoft\Http\Method;
use Yiisoft\Http\Status;
use Yiisoft\Csrf\CsrfTrait;

use function in_array;
use function is_string;
Expand All @@ -21,12 +22,8 @@
* @link https://www.php-fig.org/psr/psr-15/
*/
final class CsrfMiddleware implements MiddlewareInterface
{
public const PARAMETER_NAME = '_csrf';
public const HEADER_NAME = 'X-CSRF-Token';

private string $parameterName = self::PARAMETER_NAME;
private string $headerName = self::HEADER_NAME;
{
use CsrfTrait;

Check failure on line 26 in src/CsrfMiddleware.php

View workflow job for this annotation

GitHub Actions / psalm / PHP 8.1-ubuntu-latest

UndefinedTrait 

src/CsrfMiddleware.php:26:9: UndefinedTrait: Trait Yiisoft\Csrf\CsrfTrait does not exist (see https://psalm.dev/023)

Check failure on line 26 in src/CsrfMiddleware.php

View workflow job for this annotation

GitHub Actions / psalm / PHP 8.2-ubuntu-latest

UndefinedTrait 

src/CsrfMiddleware.php:26:9: UndefinedTrait: Trait Yiisoft\Csrf\CsrfTrait does not exist (see https://psalm.dev/023)

Check failure on line 26 in src/CsrfMiddleware.php

View workflow job for this annotation

GitHub Actions / psalm83 / PHP 8.3-ubuntu-latest

UndefinedTrait 

src/CsrfMiddleware.php:26:9: UndefinedTrait: Trait Yiisoft\Csrf\CsrfTrait does not exist (see https://psalm.dev/023)

Check failure on line 26 in src/CsrfMiddleware.php

View workflow job for this annotation

GitHub Actions / psalm74-80 / PHP 7.4-ubuntu-latest

UndefinedTrait 

src/CsrfMiddleware.php:26:9: UndefinedTrait: Trait Yiisoft\Csrf\CsrfTrait does not exist (see https://psalm.dev/023)

Check failure on line 26 in src/CsrfMiddleware.php

View workflow job for this annotation

GitHub Actions / psalm74-80 / PHP 8.0-ubuntu-latest

UndefinedTrait 

src/CsrfMiddleware.php:26:9: UndefinedTrait: Trait Yiisoft\Csrf\CsrfTrait does not exist (see https://psalm.dev/023)

private ResponseFactoryInterface $responseFactory;
private CsrfTokenInterface $token;
Expand Down Expand Up @@ -59,29 +56,7 @@
return $response;
}

public function withParameterName(string $name): self
{
$new = clone $this;
$new->parameterName = $name;
return $new;
}

public function withHeaderName(string $name): self
{
$new = clone $this;
$new->headerName = $name;
return $new;
}

public function getParameterName(): string
{
return $this->parameterName;
}

public function getHeaderName(): string
{
return $this->headerName;
}


private function validateCsrfToken(ServerRequestInterface $request): bool
{
Expand All @@ -98,7 +73,7 @@
{
$parsedBody = $request->getParsedBody();

$token = $parsedBody[$this->parameterName] ?? null;
$token = $parsedBody[$this->formParameterName] ?? null;
if (empty($token)) {
$headers = $request->getHeader($this->headerName);
$token = reset($headers);
Expand Down
46 changes: 46 additions & 0 deletions src/CsrfTrait
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
<?php

declare(strict_types=1);

namespace Yiisoft\Csrf;



/**
* CsrfTrait to share the parameter name bettewn middleware and view injection.
*/
trait CsrfTrait
{
// final const PARAMETER_NAME = '_csrf';
// final const HEADER_NAME = 'X-CSRF-Token';

protected string $formParameterName = '_csrf';
protected string $headerName = 'X-CSRF-Token';


public function withFormParameterName(string $name): self
{
$new = clone $this;
$new->formParameterName = $name;
return $new;
}

public function withHeaderName(string $name): self
{
$new = clone $this;
$new->headerName = $name;
return $new;
}

public function getFormParameterName(): string
{
return $this->formParameterName;
}

public function getHeaderName(): string
{
return $this->headerName;
}


}
Loading