mirror of
https://github.com/notrab/dumbo.git
synced 2025-01-16 21:58:25 +01:00
pass csrf_token to views
parent
b35682d275
commit
2e103fcd33
@ -62,18 +62,20 @@ $app->onError(function ($error, $c) {
|
||||
);
|
||||
});
|
||||
|
||||
$app->use(CsrfMiddleware::csrf([
|
||||
'getToken' => function ($ctx) {
|
||||
return Cookie::getCookie($ctx, 'csrf_token') ?? null;
|
||||
$app->use(
|
||||
CsrfMiddleware::csrf([
|
||||
"getToken" => function ($ctx) {
|
||||
return Cookie::getCookie($ctx, "csrf_token") ?? null;
|
||||
},
|
||||
'setToken' => function ($ctx, $token) {
|
||||
Cookie::setCookie($ctx, 'csrf_token', $token, [
|
||||
'httpOnly' => true,
|
||||
'secure' => true,
|
||||
'sameSite' => 'Lax',
|
||||
"setToken" => function ($ctx, $token) {
|
||||
Cookie::setCookie($ctx, "csrf_token", $token, [
|
||||
"httpOnly" => true,
|
||||
"secure" => true,
|
||||
"sameSite" => "Lax",
|
||||
]);
|
||||
},
|
||||
]));
|
||||
])
|
||||
);
|
||||
|
||||
$app->use(function ($c, $next) use ($db) {
|
||||
$sessionId = Cookie::getSignedCookie(
|
||||
@ -146,15 +148,14 @@ $app->get("/", function ($c) use ($latte) {
|
||||
"user" => $user,
|
||||
"flash_message" => $flashMessage,
|
||||
]);
|
||||
$c->set("flash_message", null); // Clear the flash message after displaying
|
||||
$c->set("flash_message", null);
|
||||
return $c->html($html);
|
||||
});
|
||||
|
||||
$app->get("/register", function ($c) use ($latte) {
|
||||
$csrfToken = Cookie::getCookie($c, 'csrf_token');
|
||||
$csrfToken = Cookie::getCookie($c, "csrf_token");
|
||||
$html = render($latte, "register", [
|
||||
"csrf_token" => $csrfToken,
|
||||
|
||||
]);
|
||||
return $c->html($html);
|
||||
});
|
||||
@ -189,7 +190,7 @@ $app->post("/register", function ($c) use ($db, $latte) {
|
||||
|
||||
$app->get("/login", function ($c) use ($latte) {
|
||||
$flashMessage = $c->get("flash_message");
|
||||
$csrfToken = Cookie::getCookie($c, 'csrf_token');
|
||||
$csrfToken = Cookie::getCookie($c, "csrf_token");
|
||||
$html = render($latte, "login", [
|
||||
"flash_message" => $flashMessage,
|
||||
"csrf_token" => $csrfToken,
|
||||
@ -309,6 +310,8 @@ $app->get("/settings", function ($c) use ($db, $latte) {
|
||||
return $c->redirect("/login");
|
||||
}
|
||||
|
||||
$csrfToken = Cookie::getCookie($c, "csrf_token");
|
||||
|
||||
$sessions = $db
|
||||
->query(
|
||||
"SELECT id, user_agent, ip_address, expires_at FROM sessions WHERE user_id = ? AND expires_at > ?",
|
||||
@ -319,6 +322,7 @@ $app->get("/settings", function ($c) use ($db, $latte) {
|
||||
$html = render($latte, "settings", [
|
||||
"user" => $user,
|
||||
"sessions" => $sessions,
|
||||
"csrf_token" => $csrfToken,
|
||||
]);
|
||||
|
||||
return $c->html($html);
|
||||
|
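Review bot: The `/register`, `/login` and `/settings` handlers take the token from `Cookie::getCookie($c, "csrf_token")`, which appears to read the incoming request cookie, so on a first visit (before the browser has stored the cookie written by `setToken`) the view would likely receive `null` and render a form without a usable token. Consider having `setToken` also record the fresh value with `$ctx->set("csrf_token", $token);` and reading `$c->get("csrf_token") ?? Cookie::getCookie($c, "csrf_token")` in the handlers, ideally through one small helper instead of three copies. Separately, the token cookie is written and read as a plain cookie while the session cookie in the next middleware goes through `Cookie::getSignedCookie`; if validation is a cookie-versus-form comparison, an unsigned cookie makes the check depend on nothing else being able to write cookies for this host, so signing it or tying it to the session is worth confirming. The `?? null` in `getToken` is redundant and can be dropped. The handler bodies extend beyond the visible hunks, so the rendering and validation side could not be checked here.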