use built in csrf middleware (im stupid)

wanderer-moe · Jan 4, 2024 · e7157a8 · e7157a8
1 parent 2048ac0
commit e7157a8
Show file tree

Hide file tree

Showing 7 changed files with 126 additions and 149 deletions.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1 @@
+{}
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ Source code for the API powering [**wanderer.moe**](https://wanderer.moe) — us
 
 We use Turso (libsql, fork of SQLite) as our database. You will need to install the [Turso CLI](https://docs.turso.tech/reference/turso-cli#installation) then run `turso dev` to start a local database. You can persist data by passing `--db-file <path>`.
 
-The Turso CLI can be ran on Windows using WSL.
+The Turso CLI can be run on Windows using WSL.
 
 The API will connect to the local database if the environment is set to `DEV`, else - it will connect to your production database.
 
@@ -37,7 +37,7 @@ Required environment variables are viewable in `./src/worker-configuration.d.ts`
 
 -   There is a GitHub Action that automatically deploys to Cloudflare Workers on every push to `main` — you can find it in `.github/workflows/deploy.yml`.
 
--   If you're using Github Actions, you will have to setup a secret with a Cloudflare API token. You can generate the API token [here][Cloudflare API Token] — use the `Edit Cloudflare Workers` template.
+-   If you're using GitHub Actions, you will have to set up a secret with a Cloudflare API token. You can generate the API token [here][Cloudflare API Token] — use the `Edit Cloudflare Workers` template.
 
 ### Database
 

diff --git a/package.json b/package.json
@@ -43,7 +43,7 @@
         "better-sqlite3": "^9.2.2",
         "drizzle-orm": "^0.29.2",
         "drizzle-zod": "^0.5.1",
-        "hono": "^3.11.11",
+        "hono": "^3.12.0",
         "lucia": "3.0.0-beta.14",
         "oslo": "^0.26.2",
         "prettier": "^3.1.1",

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/src/index.ts b/src/index.ts
@@ -4,7 +4,7 @@ import { prettyJSON } from "hono/pretty-json"
 import BaseRoutes from "@/v2/routes/handler"
 import { CustomCSS, OpenAPIConfig } from "./openapi/config"
 import { cors } from "hono/cors"
-import { csrfValidation } from "./v2/middleware/csrf"
+import { csrf } from "hono/csrf"
 import { LogTime } from "./v2/middleware/time-taken"
 
 const app = new OpenAPIHono<{ Bindings: Bindings; Variables: Variables }>()
@@ -26,8 +26,11 @@ app.get(
 // openapi config
 app.doc("/openapi", OpenAPIConfig)
 
-//  middleware
-app.use("*", csrfValidation)
+// middleware
+// interface CSRFOptions {
+//     origin?: string | string[] | IsAllowedOriginHandler;
+// }
+app.use("*", csrf())
 app.use("*", LogTime)
 
 app.use(

diff --git a/src/v2/middleware/csrf.ts b/src/v2/middleware/csrf.ts
diff --git a/tsconfig.json b/tsconfig.json
@@ -9,7 +9,7 @@
         "paths": {
             "@/*": ["src/*"]
         },
-        "types": ["@cloudflare/workers-types"]
+        "types": ["@cloudflare/workers-types", "node"]
     },
     "include": ["src/**/*.ts"]
 }