feat(csrf): Add Csrf Support

Rhilip · Jul 28, 2019 · 9bddfa8 · 9bddfa8
1 parent abbef65
commit 9bddfa8
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -34,6 +34,7 @@
 - **tracker:** No need to explicit serialize announce data
 
 ### Refactor
+- **Tracker:** Better Tracker behaviour in multi tracker
 - **View:** Rename folder `error` to `action`
 - **action_success:** Simple The Action Template
 

diff --git a/framework/Http/Session.php b/framework/Http/Session.php
@@ -142,4 +142,10 @@ public function getSessionId()
         return $this->_sessionId;
     }
 
+    public function setCsrfToken()
+    {
+        $csrf = StringHelper::getRandomString(16);
+        $this->set('csrf', $csrf);
+        return $csrf;
+    }
 }
diff --git a/framework/Validators/CsrfTrait.php b/framework/Validators/CsrfTrait.php
@@ -0,0 +1,25 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: Rhilip
+ * Date: 7/28/2019
+ * Time: 3:37 PM
+ */
+
+namespace Rid\Validators;
+
+
+trait CsrfTrait
+{
+    public $csrf;
+
+    protected function validateCaptcha()
+    {
+        $csrfInput = $this->getData('csrf');
+        $csrfText = app()->session->pop('csrfText');
+        if (strcasecmp($csrfInput, $csrfText) != 0) {
+            $this->buildCallbackFailMsg('csrf', 'csrf verification failed.');
+            return;
+        }
+    }
+}