Skip to content
/ FyreCSRF Public

FyreCSRF is a free, open-source CSRF protection library for PHP.

License

MIT license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

elusivecodes/FyreCSRF

BranchesTags

Repository files navigation

FyreCSRF

FyreCSRF is a free, open-source CSRF protection library for PHP.

Table Of Contents

Installation

Using Composer

composer require fyre/csrf

In PHP:

use Fyre\Security\CsrfProtection;

Methods

Check Token

Check CSRF token.

CrsfProtection::checkToken($request);

Disable

Disable the CSRF protection.

CsrfProtection::disable();

Enable

Enable the CSRF protection.

CsrfProtection::enable();

Get Field

Get the CSRF token field name.

$field = CsrfProtection::getField();

Get Header

Get the CSRF token header name.

$header = CsrfProtection::getHeader();

Get Key

Get the CSRF session key.

$key = CsrfProtection::getKey();

Get Token

Get the CSRF token.

$token = CsrfProtection::getToken();

Get Token Hash

Get the CSRF token hash.

$tokenHash = CsrfProtection::getTokenHash();

Is Enabled

Determine if the CSRF protection is enabled.

$enabled = CsrfProtection::isEnabled();

Set Field

Set the CSRF token field name.

  • $field is a string representing the CSRF token field name.
CsrfProtection::setField($field);

Set Header

Set the CSRF token header name.

  • $header is a string representing the CSRF token header name.
CsrfProtection::setHeader($header);

Set Key

Set the CSRF session key.

  • $key is a string representing the CSRF session key.
CsrfProtection::setKey($key);

Skip Check Callback

Set the skip check callback.

  • $skipCheck is a Closure that accepts a ServerRequest as the first argument.
CsrfProtection::skipCheckCallback($skipCheck);

The skip check callback should return true if the CSRF check should not be performed.

Middleware

use Fyre\Security\Middleware\CsrfProtectionMiddleware;
  • $options is an array containing options for the middleware.
    • field is a string representing the CSRF token field name, and will default to "csrf_token".
    • header is a string representing the CSRF token header name, and will default to "Csrf-Token".
    • key is a string representing the CSRF session key and will default to "_csrfToken".
    • skipCheck is a Closure that accepts a ServerRequest as the first argument.
$middleware = new CsrfProtectionMiddleware($options);

The skip check callback should return true if the CSRF check should not be performed.

Process

$response = $middleware->process($request, $handler);

This method will return a ClientResponse.

About

FyreCSRF is a free, open-source CSRF protection library for PHP.

Topics

php security protection csrf

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 16

v4.2.1 Latest
Oct 17, 2024
+ 15 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages