0.1.1 • Published 5 years ago

@rsc/tokenator v0.1.1

Weekly downloads
1
License
ISC
Repository
github
Last release
5 years ago

npm-tokenator

Tokenator is a simple NPM module that decorates specific HTML forms with tokens from an external API for CSRF requests.

Installation and Use

npm i --save @rsc/tokenator

To call this, simply require the module, and initialize it:

import tokenate from "@rsc/tokenator";

document.addEventListener("DOMContentLoaded", () => {
  tokenate(
    "https://form-action-that-requires-tokens",
    "https://uri-to-request-a-token"
  );
});

Tokenator expects to be able to retieve a token via a simple GET request to an endpoint. If successful, return a 200 status with the following response:

{
  "token": "Some unique token that will be checked by the form processor"
}

Tokenator receives that token and inserts it into the form via a hidden input element, e.g.,:

<form action="https://form-action-that-requires-tokens" method="post">
  <input type="text" name="name" placeholder="Your Name" />
  <input type="text" name="email" placeholder="Email" />
  <textarea name="question" placeholder="Your question..."></textarea>

  <button type="submit">Contact Us</button>

  <!-- This is inserted by tokenator! -->
  <input
    type="hidden"
    name="token"
    value="Some unique token that will be checked by the form processor"
  />
</form>

Everything else, such as a token validation error, is intended to be handled by you, the consumer of this script.

Testing

Testing is accomplished with Jest and jsdom

cd npm-tokenator
npm install
npm run test
@everything-registry/sub-chunk-792@zalastax/nolb-_rs
0.1.1

5 years ago

0.1.0

5 years ago