Open rduque1 opened 1 year ago
To anyone needing to access the context, I solved this by using the following initialization configuration:
import {nextCsrf} from "next-csrf";
const { csrf, setup : setupFramework } = nextCsrf({
secret: process.env.CSRF_SECRET,
});
// Hack to allow the use of next-csrf with getServerSideProps, making the context available
const setup = (
handler: any,
) => async (context: any) => {
setupFramework(context);
return handler(context);
};
export { csrf, setup };
@machadolucas That example is not working. It will not set XSRF-TOKEN
cookie and you will get a 403 status code.
@machadolucas That example is not working. It will not set
XSRF-TOKEN
cookie and you will get a 403 status code.
It does work with me. Have you also added the setup in the page? For example:
// Import setup from your config
import {setup} from "../util/yourCsrfConfig";
export const getServerSideProps = setup(async (context: GetServerSidePropsContext) => {
// ...
});
Still doesn't work
In order to have the next context object could
Can this line: https://github.com/j0lv3r4/next-csrf/blob/91774aca0b271512f69976fce1fbc8681a7ca229/src/middleware/setup.ts#L49
be changed to: