1. Go to this page and download the library: Download pinga/csrf library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
pinga / csrf example snippets
use DI\Container;
use Slim\Csrf\Guard;
use Slim\Factory\AppFactory;
er = new Container();
AppFactory::setContainer($container);
// Create App
$app = AppFactory::create();
$responseFactory = $app->getResponseFactory();
// Register Middleware On Container
$container->set('csrf', function () use ($responseFactory) {
return new Guard($responseFactory);
});
// Register Middleware To Be Executed On All Routes
$app->add('csrf');
$app->get('/foo', function ($request, $response, $args) {
// CSRF token name and value
$csrf = $this->get('csrf');
$nameKey = $csrf->getTokenNameKey();
$valueKey = $csrf->getTokenValueKey();
$name = $request->getAttribute($nameKey);
$value = $request->getAttribute($valueKey);
/*
Render HTML form which POSTs to /bar with two hidden input fields for the
name and value:
<input type="hidden" name="<?= $nameKey
use DI\Container;
use Slim\Csrf\Guard;
use Slim\Factory\AppFactory;
er = new Container();
AppFactory::setContainer($container);
// Create App
$app = AppFactory::create();
$responseFactory = $app->getResponseFactory();
// Register Middleware On Container
$container->set('csrf', function () use ($responseFactory) {
return new Guard($responseFactory);
});
$app->get('/api/route',function ($request, $response, $args) {
$csrf = $this->get('csrf');
$nameKey = $csrf->getTokenNameKey();
$valueKey = $csrf->getTokenValueKey();
$name = $request->getAttribute($nameKey);
$value = $request->getAttribute($valueKey);
$tokenArray = [
$nameKey => $name,
$valueKey => $value
];
return $response->write(json_encode($tokenArray));
})->add('csrf');
$app->post('/api/myEndPoint',function ($request, $response, $args) {
//Do my Things Securely!
})->add('csrf');
$app->run();
use Slim\Csrf\Guard;
use Slim\Psr7\Factory\ResponseFactory;
// Start PHP session
session_start();
// Create Middleware
$responseFactory = new ResponseFactory(); // Note that you will need to import
$guard = new Guard($responseFactory);
// Generate new tokens
$csrfNameKey = $guard->getTokenNameKey();
$csrfValueKey = $guard->getTokenValueKey();
$keyPair = $guard->generateToken();
// Validate retrieved tokens
$guard->validateToken($_POST[$csrfNameKey], $_POST[$csrfValueKey]);
use Slim\Csrf\Guard;
class CsrfExtension extends \Twig\Extension\AbstractExtension implements \Twig\Extension\GlobalsInterface
{
/**
* @var Guard
*/
protected $csrf;
public function __construct(Guard $csrf)
{
$this->csrf = $csrf;
}
public function getGlobals()
{
// CSRF token name and value
$csrfNameKey = $this->csrf->getTokenNameKey();
$csrfValueKey = $this->csrf->getTokenValueKey();
$csrfName = $this->csrf->getTokenName();
$csrfValue = $this->csrf->getTokenValue();
return [
'csrf' => [
'keys' => [
'name' => $csrfNameKey,
'value' => $csrfValueKey
],
'name' => $csrfName,
'value' => $csrfValue
]
];
}
}
use Slim\Csrf\Guard;
use Slim\Psr7\Factory\ResponseFactory;
$responseFactory = new ResponseFactory();
$guard = new Guard($responseFactory);
$guard->setFailureHandler(function (ServerRequestInterface $request, RequestHandlerInterface $handler) {
$request = $request->withAttribute("csrf_status", false);
return $handler->handle($request);
});
if (false === $request->getAttribute('csrf_status')) {
// display suitable error here
} else {
// successfully passed CSRF check
}
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.