cradlephp / cradle-csrf
CSRF handler for Cradle
Installs: 883
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 1
Type:cradle-package
Requires
- cradlephp/framework: ~2.3.0
Requires (Dev)
- php-coveralls/php-coveralls: ~2.1.0
- phpunit/phpunit: 7.0.2
- squizlabs/php_codesniffer: 3.2.3
README
CSRF helpers
Install
composer require cradlephp/cradle-csrf
Then in /bootstrap.php
, add
->register('cradlephp/cradle-csrf')
Usage
In any of your routes add the following code.
cradle()->trigger('csrf-load', $request, $response);
The CSRF token will be found in $request->getStage('csrf')
. In your form
template, be sure to add this key in a hidden field like the following.
<input name="csrf" value="{{csrf}}" />
When validating this form in a route you can use the following
cradle()->trigger('csrf-validate', $request, $response);
If there is an error, it will be found in the response error object message. You can check this using the following.
if($response->isError()) {
$message = $response->getMessage();
//report the error
}