RisingStack / graffiti

⚠️ DEVELOPMENT DISCONTINUED - Node.js GraphQL ORM
https://risingstack-graffiti.signup.team/
MIT License
1.01k stars 44 forks source link

Add CSRF token to GraphiQL view #35

Open cellis opened 8 years ago

cellis commented 8 years ago

This change adds a getCSRFToken method that if provided can be invoked with the request to get a CSRF token for example: req.csrfToken().

This is needed for securing the GraphiQL views (especially on production instances!). I'm using a modified version of this in development to allow my csrf strategy to work. Let me know what you think!

tothandras commented 8 years ago

Thanks for the PR! Can you add support for the other frameworks too (koa, hapi)?

cellis commented 8 years ago

@tothandras I'll look at these other frameworks soon

phra commented 7 years ago

any updates on this?

cellis commented 7 years ago

@phra sorry for the delay. I don't have time to work on this anymore, as I've moved on to using another library. Perhaps someone else is interested in taking this to the finish line by implementing @tothandras' request to add koa and hapi support?

phra commented 7 years ago

@cellis which library are you using? i'm using this one right now.