Raise exception in csrf middleware instead of use CsrfFailureView

Author: davegaeddert

plain/plain/csrf/middleware.py

@@ -1,22 +1,17 @@
 from __future__ import annotations
 
-import logging
 import re
 from collections.abc import Callable
 from typing import TYPE_CHECKING
 from urllib.parse import urlparse
 
+from plain.exceptions import PermissionDenied
 from plain.http import HttpMiddleware
-from plain.logs.utils import log_response
 from plain.runtime import settings
 
-from .views import CsrfFailureView
-
 if TYPE_CHECKING:
     from plain.http import Request, Response
 
-logger = logging.getLogger("plain.security.csrf")
-
 
 class CsrfViewMiddleware(HttpMiddleware):
     """
@@ -38,10 +33,10 @@ def __init__(self, get_response: Callable[[Request], Response]):
     def process_request(self, request: Request) -> Response:
         allowed, reason = self.should_allow_request(request)
 
-        if allowed:
-            return self.get_response(request)
-        else:
-            return self.reject(request, reason)
+        if not allowed:
+            raise PermissionDenied(reason)
+
+        return self.get_response(request)
 
     def should_allow_request(self, request: Request) -> tuple[bool, str]:
         # 1. Allow safe methods (GET, HEAD, OPTIONS)
@@ -127,17 +122,3 @@ def should_allow_request(self, request: Request) -> tuple[bool, str]:
             False,
             f"Cross-origin request detected - Origin {origin} does not match Host",
         )
-
-    def reject(self, request: Request, reason: str) -> Response:
-        """Reject a request with a 403 Forbidden response."""
-
-        response = CsrfFailureView.as_view()(request, reason=reason)
-        log_response(
-            "Forbidden (%s): %s",
-            reason,
-            request.path,
-            response=response,
-            request=request,
-            logger=logger,
-        )
-        return response

plain/plain/csrf/views.py

@@ -314,26 +314,24 @@ def test_request_factory_naturally_bypasses_csrf():
     )
 
 
-@patch("plain.csrf.middleware.CsrfViewMiddleware.reject")
-def test_middleware_integration_rejected_request(mock_reject):
-    """Rejected requests should return 403 response without calling next."""
+def test_middleware_integration_rejected_request():
+    """Rejected requests should raise PermissionDenied without calling next."""
     from unittest.mock import Mock
 
-    rf = RequestFactory()
-    csrf_middleware = CsrfViewMiddleware(lambda request: None)
+    from plain.exceptions import PermissionDenied
 
-    mock_response = Mock()
-    mock_reject.return_value = mock_response
-    csrf_middleware.get_response = Mock()
+    rf = RequestFactory()
+    mock_get_response = Mock()
+    csrf_middleware = CsrfViewMiddleware(mock_get_response)
 
     request = rf.post("/test/", headers={"Origin": "https://attacker.com"})
-    response = csrf_middleware.process_request(request)
 
-    # Should not call next middleware
-    csrf_middleware.get_response.assert_not_called()
+    # Should raise PermissionDenied
+    with pytest.raises(PermissionDenied) as exc_info:
+        csrf_middleware.process_request(request)
 
-    # Should call reject method
-    mock_reject.assert_called_once()
+    # Should not call next middleware
+    mock_get_response.assert_not_called()
 
-    # Should return the mocked response
-    assert response == mock_response
+    # Exception message should contain the reason
+    assert "Cross-origin request detected" in str(exc_info.value)