koa2-csrf
CSRF tokens for Koa >= 2.x (next)
install
npm install koa2-csrf --save
Usage
- Add middleware in Koa app:
;;;;; const app = ;// add session middleware appkeys = 'a' 'b' ;app;// add body parsingapp;// add the csrf middleware (default options are shown)app;app;
- Add the CSRF token in your template forms:
Jade Template:
form(action='/register', method='POST') input(type='hidden', name='_csrf', value=csrf) input(type='email', name='email', placeholder='Email') input(type='password', name='password', placeholder='Password') button(type='submit') Register
EJS Template
<form action="/register" method="POST"> <input type="hidden" name="_csrf" value="<%= csrf %>" /> <input type="email" name="email" placeholder="Email" /> <input type="password" name="password" placeholder="Password" /> <button type="submit">Register</button></form>