{"id":13716380,"url":"https://github.com/fourcube/micro-csrf","last_synced_at":"2025-04-14T18:22:56.662Z","repository":{"id":43977822,"uuid":"246855767","full_name":"fourcube/micro-csrf","owner":"fourcube","description":"Anti-CSRF middleware for micro","archived":false,"fork":false,"pushed_at":"2023-01-05T09:50:39.000Z","size":2292,"stargazers_count":3,"open_issues_count":8,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-12T01:40:17.169Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fourcube.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-12T14:31:24.000Z","updated_at":"2022-12-16T20:11:19.000Z","dependencies_parsed_at":"2023-02-03T23:45:42.958Z","dependency_job_id":null,"html_url":"https://github.com/fourcube/micro-csrf","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fourcube%2Fmicro-csrf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fourcube%2Fmicro-csrf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fourcube%2Fmicro-csrf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fourcube%2Fmicro-csrf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fourcube","download_url":"https://codeload.github.com/fourcube/micro-csrf/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248933829,"owners_count":21185547,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T00:01:09.884Z","updated_at":"2025-04-14T18:22:56.631Z","avatar_url":"https://github.com/fourcube.png","language":"TypeScript","funding_links":[],"categories":["Modules"],"sub_categories":["Middlewares"],"readme":"# micro-csrf\n\n[![Build Status](https://travis-ci.org/fourcube/micro-csrf.svg?branch=master)](https://travis-ci.org/fourcube/micro-csrf)\n\n`micro-csrf` is a csrf middleware for Zeit.co's [micro](https://github.com/zeit/micro) framework. This module is heavily inspired by [`express-csurf`](https://github.com/expressjs/csurf).\n\n## Installation\n\n```bash\n$ npm install micro-csrf\n# or\n$ yarn add micro-csrf\n```\n\n## Example Usage\n\n```javascript\n\n// Use the micro-session middleware for storing the token secret\nconst SessionManager, { MemoryStore } = require('micro-session');\nconst { csrfMiddleware } = require('micro-csrf');\n\nconst sessionManager = SessionManager({\n  store: new MemoryStore(),\n  secret: 'my session secret'\n})\nconst csrf = csrfMiddleware();\n\nmodule.exports = async (req, res) =\u003e {\n  let session = await getSession(req, res);\n\n  // This will automatically end the request with a 403 error\n  // if this is a POST, PUT, PATCH, DELETE request without a valid\n  // CSRF Token.\n  const csrfToken = await csrf(session, req, res);\n\n  // ...\n\n  return {\n    csrfToken\n  };\n};\n```\n\n## Token Validation\n\nThe token is automatically read from the following locations:\n\n```\n    req.body._csrf - requires a parsed request body\n    req.query._csrf - requires a query parser\n    req.headers['csrf-token'] - the CSRF-Token HTTP request header.\n    req.headers['xsrf-token'] - the XSRF-Token HTTP request header.\n    req.headers['x-csrf-token'] - the X-CSRF-Token HTTP request header.\n    req.headers['x-xsrf-token'] - the X-XSRF-Token HTTP request header.\n```\n\n## License\n\n[MIT](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffourcube%2Fmicro-csrf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffourcube%2Fmicro-csrf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffourcube%2Fmicro-csrf/lists"}