Add svelte as a view engine to swaf #33
@ -1,7 +1,6 @@
|
||||
<script lang="ts">
|
||||
import {locals} from "../../ts/stores.js";
|
||||
import Field from "./Field.svelte";
|
||||
const token = $locals.getCsrfToken ? $locals.getCsrfToken() : undefined;
|
||||
</script>
|
||||
|
||||
<Field type="hidden" name="csrf" value={token}/>
|
||||
<Field type="hidden" name="csrf" value={$locals.getCsrfToken()}/>
|
||||
|
@ -5,6 +5,7 @@ import {Session, SessionData} from "express-session";
|
||||
import ApplicationComponent from "../ApplicationComponent.js";
|
||||
import {AuthMiddleware} from "../auth/AuthComponent.js";
|
||||
import {BadRequestError} from "../HttpError.js";
|
||||
import FrontendToolsComponent from "./FrontendToolsComponent.js";
|
||||
|
||||
export default class CsrfProtectionComponent extends ApplicationComponent {
|
||||
private static readonly excluders: ((req: Request) => boolean)[] = [];
|
||||
@ -16,6 +17,14 @@ export default class CsrfProtectionComponent extends ApplicationComponent {
|
||||
return session.csrf;
|
||||
}
|
||||
|
||||
|
||||
public async init(): Promise<void> {
|
||||
const globals = this.getApp().asOptional(FrontendToolsComponent)?.getGlobals();
|
||||
if (globals) {
|
||||
globals.set('getCsrfToken', () => null);
|
||||
}
|
||||
}
|
||||
|
||||
public static addExcluder(excluder: (req: Request) => boolean): void {
|
||||
this.excluders.push(excluder);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user