Closed linxea closed 5 years ago
Currently i am mounting csrf middleware per route like the example below,
routes.js
const csrf = new CSRF({ invalidSessionSecretMessage: 'Invalid session secret', invalidTokenMessage: 'Invalid CSRF token', invalidTokenStatusCode: 403, }); const router = new Router(); route.get('/', csrf, Controller.getPage);
Is this the correct way of doing it or is there a better way? I can't find any example to validate it as the README.md only shows example of applying csrf to all routes.
i think so. :<
linxea
commented
5 years ago
Currently i am mounting csrf middleware per route like the example below,
routes.js
Is this the correct way of doing it or is there a better way? I can't find any example to validate it as the README.md only shows example of applying csrf to all routes.