Class: Rack::SimpleCsrf

Inherits:

Object

Object
Rack::SimpleCsrf

show all

Defined in:: lib/rack/simple_csrf.rb,
lib/rack/simple_csrf/version.rb

Defined Under Namespace

Modules: Helpers Classes: CSRFFailedToValidateError, CSRFSessionUnavailableError

Constant Summary collapse

VERSION =

"1.3.0"

Instance Method Summary collapse

#call(env, req = Rack::Request.new(env)) ⇒ Object
#initialize(app, opts = {}) ⇒ SimpleCsrf constructor

A new instance of SimpleCsrf.

Constructor Details

#initialize(app, opts = {}) ⇒ `SimpleCsrf`

Returns a new instance of SimpleCsrf.

# File 'lib/rack/simple_csrf.rb', line 24

def initialize(app, opts = {})
  @field = opts.fetch(:field, "auth")
  @raise = opts.fetch(:raise, false)
  @key = opts.fetch(:key, "csrf")
  @skip = opts.fetch(:skip, [])

  @app = app

  @render_with = opts[:render_with]
  @header = opts.fetch(:header, "HTTP_X_CSRF_TOKEN")
  @methods = (%w(POST PUT DELETE PATCH) + \
    opts.fetch(:http_methods, [])).flatten.uniq
end

Instance Method Details

#call(env, req = Rack::Request.new(env)) ⇒ `Object`

# File 'lib/rack/simple_csrf.rb', line 38

def call(env, req = Rack::Request.new(env))
  raise_if_session_unavailable_for! req
  setup_csrf_for! req

  return @app.call(env) if continue?(req)
  @raise ? raise(CSRFFailedToValidateError) : render_error_for!(env)
end

Class: Rack::SimpleCsrf

Defined Under Namespace

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app, opts = {}) ⇒ SimpleCsrf

Instance Method Details

#call(env, req = Rack::Request.new(env)) ⇒ Object

#initialize(app, opts = {}) ⇒ `SimpleCsrf`

#call(env, req = Rack::Request.new(env)) ⇒ `Object`