csrf token is not written in token

rscarrera27 / Sanic-JWT-Extended

⚡️An open source Sanic extension that provides "extended" JWT support

https://sanic-jwt-extended.seonghyeon.dev

MIT License

35 stars 8 forks source link

csrf token is not written in token #27

Closed sjquant closed 4 years ago

sjquant commented 4 years ago

Problem

This library supports csrf protection when using cookies. There's csrf-read part in tokens.py and decorators.py. But, when I looked into source code, I couldn't find csrf-write part, and its' impossible to write csrf in create_access_token and create_refresh_token functions.

Proposed Solution

It would be solved if we can add csrf claims when encoding jwt.

sjquant commented 4 years ago

I sent a PR in #28

sjquant commented 4 years ago

@NovemberOscar Could you see my PR please?

rscarrera27 commented 4 years ago

Sorry for late response 🙏 I'm trying to review this by this weekend

sjquant commented 4 years ago

@NovemberOscar Thank you 👍

sjquant commented 4 years ago

I'll close this issue because PR has been merged.