diff --git a/src/components/CsrfProtectionComponent.ts b/src/components/CsrfProtectionComponent.ts index 621e155..f1f2592 100644 --- a/src/components/CsrfProtectionComponent.ts +++ b/src/components/CsrfProtectionComponent.ts @@ -1,19 +1,19 @@ import ApplicationComponent from "../ApplicationComponent"; -import {Router} from "express"; +import {Request, Router} from "express"; import crypto from "crypto"; import {BadRequestError} from "../HttpError"; export default class CsrfProtectionComponent extends ApplicationComponent { - private static readonly routeExcluders: ((path: string) => boolean)[] = []; + private static readonly excluders: ((req: Request) => boolean)[] = []; - public static addRouteExcluder(excluder: (path: string) => boolean) { - this.routeExcluders.push(excluder); + public static addExcluder(excluder: (req: Request) => boolean) { + this.excluders.push(excluder); } public async handle(router: Router): Promise { router.use(async (req, res, next) => { - for (const excluder of CsrfProtectionComponent.routeExcluders) { - if (excluder(req.path)) return next(); + for (const excluder of CsrfProtectionComponent.excluders) { + if (excluder(req)) return next(); } if (!req.session) {