CSRF protection for Infuse Framework. Built on symfony/security-csrf.
-
Install the package with composer:
composer require infuse/csrf -
Add the services in your app's configuration:
'services' => [ // ... 'csrf' => 'Infuse\Csrf\Csrf', 'csrf_tokens' => 'Infuse\Csrf\CsrfTokens', // ... ]
-
Add the middleware to your app:
$app->middleware($app['csrf']);
Any POST, PUT, PATCH, and DELETE request that has the middleware installed will check for a valid CSRF token. With a line of code you can add CSRF tokens to a form (Smarty example):
<form action="/transfer" method="POST">
{$app.csrf->render($req) nofilter}
<!-- rest of your form... -->
</form>