1.1.0 • Published 6 years ago

csrf-token v1.1.0

Weekly downloads
178
License
MIT
Repository
github
Last release
6 years ago

CSRF Token

CircleCI Codecov npm License

Create and verify csrf tokens

Functions

const csrf = require('csrf-token')

create(secret [, saltLength , callback])

  1. create(secret: string, saltLength?: number): Promise<string>
  2. create(secret: string, saltLength: number, callback: (error: Error, token: string) => void): void
  3. create(secret: string, callback: (error: Error, token: string) => void): void
  • secret The secret to encrypt.
  • saltLength The length of the generated salt. Default: 8
  • callback A function with the generated token.
  • Returns void if callback is specified otherwise returns a promise with the generated token.

Create a CSRF token asynchronously.

csrf.create('I like CSRF it makes me feel whole').then(token => {
  console.log(`Look at my fancy CSRF token '${token}'`)
})
csrf.create('I want to make my app safer', (err, token) => {
  if (err) console.error(err)
  else console.log(`Hey I got this from a promise '${token}'`)
})

[Back to top]

createSync(secret, saltLength)

  1. createSync(secret: string, saltLength?: number): string
  • secret The secret to encrypt.
  • saltLength The length of the generated salt. Default: 8
  • Returns the generated token.

Create a CSRF token synchronously.

const token = csrf.createSync('I like secure forms')
console.log(`I am running out of ideas but here is a token '${token}'`)

[Back to top]

verify(secret, token , callback)

  1. verify(secret: string, token: string): Promise<boolean>
  2. verify(secret: string, token: string, callback: (matches: boolean) => void): void
  • secret The secret that was supposadly encrypted.
  • token The token that hopefully is the secret in a encrypted form.
  • callback A function with the result of the verification.
  • Returns void if callback is specified otherwise returns a promise with the result of the verification.

Verify CSRF token asynchronously.

csrf.verify(secret, token, (matches) => {
  if (matches) console.log('They match!')
  else console.log('They don\'t they match?')
})
csrf.verify(secret, token).then((matches) => {
  if (matches) console.log('Yes!')
  else console.log('What?!')
})

[Back to top]

verifySync(secret, token)

  1. verifySync(secret: string, token: string): boolean
  • secret The secret that was supposadly encrypted.
  • token The token that hopefully is the secret in a encrypted form.
  • Returns a boolean if the match or not.

Verify CSRF token synchronously.

const matches = csrf.verifySync(secret, token)

if (matches) console.log('Ooooo yeah!')
else console.log('B-b-but why? ;-;')

[Back to top]

Lisence

MIT Lisenced

csrftokentokens
@everything-registry/sub-chunk-1419@ministryofjustice/fb-runner-node@solidgoldpig/fb-runner-node@zalastax/nolb-csr
1.1.0

6 years ago

1.0.0

7 years ago