
Final Class Yiisoft\Csrf\CsrfTokenMiddleware

Inheritance: Yiisoft\Csrf\CsrfTokenMiddleware
Implements: Psr\Http\Server\MiddlewareInterface

PSR-15 middleware that validates the CSRF token of incoming requests.

Constants


Constant Value Description Defined By
HEADER_NAME 'X-CSRF-Token' Yiisoft\Csrf\CsrfTokenMiddleware
PARAMETER_NAME '_csrf' Yiisoft\Csrf\CsrfTokenMiddleware

Method Details


__construct() public method

public mixed __construct ( \Psr\Http\Message\ResponseFactoryInterface $responseFactory, Yiisoft\Csrf\CsrfTokenInterface $token, \Psr\Http\Server\RequestHandlerInterface|null $failureHandler = null )
$responseFactory \Psr\Http\Message\ResponseFactoryInterface
$token Yiisoft\Csrf\CsrfTokenInterface
$failureHandler \Psr\Http\Server\RequestHandlerInterface|null

                /**
                 * Stores the collaborators the middleware works with.
                 *
                 * @param ResponseFactoryInterface $responseFactory Used by process() to build the
                 *        default rejection response when no failure handler is configured.
                 * @param CsrfTokenInterface $token CSRF token service. Its use is not visible in
                 *        this listing; presumably validateCsrfToken() consults it (confirm).
                 * @param RequestHandlerInterface|null $failureHandler Optional handler that
                 *        process() calls instead of building the default response when validation
                 *        fails. It is handed the request that FAILED the check, so it should only
                 *        report or log the rejection and never perform the requested action.
                 */
                public function __construct(
    ResponseFactoryInterface $responseFactory,
    CsrfTokenInterface $token,
    ?RequestHandlerInterface $failureHandler = null
) {
    // The three assignments are independent of each other.
    $this->failureHandler = $failureHandler;
    $this->token = $token;
    $this->responseFactory = $responseFactory;
}

            
getHeaderName() public method

public string getHeaderName ( )

                /**
                 * Returns the header name currently configured on this instance.
                 *
                 * The value is whatever was last set through withHeaderName(); the initial
                 * value is declared outside this listing (the class defines a HEADER_NAME
                 * constant, presumably the default — confirm).
                 *
                 * @return string Configured header name.
                 */
                public function getHeaderName(): string
{
    return $this->headerName;
}

            
getParameterName() public method

public string getParameterName ( )

                /**
                 * Returns the parameter name currently configured on this instance.
                 *
                 * The value is whatever was last set through withParameterName(); the initial
                 * value is declared outside this listing (the class defines a PARAMETER_NAME
                 * constant, presumably the default — confirm).
                 *
                 * @return string Configured parameter name.
                 */
                public function getParameterName(): string
{
    return $this->parameterName;
}

            
process() public method

public \Psr\Http\Message\ResponseInterface process ( \Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Server\RequestHandlerInterface $handler )
$request \Psr\Http\Message\ServerRequestInterface
$handler \Psr\Http\Server\RequestHandlerInterface

                /**
                 * Forwards the request to the next handler only when its CSRF check passes.
                 *
                 * On success the request goes to $handler. On failure $handler is never
                 * invoked: the configured failure handler produces the response if one was
                 * given, otherwise a response with status Status::UNPROCESSABLE_ENTITY and
                 * the matching status text as its body is returned.
                 *
                 * Security notes:
                 * - The failure handler receives the same request that failed validation.
                 *   Keep it limited to rendering or logging the rejection; routing it back
                 *   into application handlers would defeat the check.
                 * - Nothing is logged here. If rejected requests should be visible to
                 *   monitoring, record them in the failure handler.
                 * - validateCsrfToken() is not part of this listing; presumably it is where
                 *   the safe-method list from withSafeMethods() is applied (confirm).
                 *
                 * @param ServerRequestInterface $request Incoming request to check.
                 * @param RequestHandlerInterface $handler Next handler, called only on success.
                 *
                 * @return ResponseInterface Response from $handler, from the failure handler,
                 *         or the default rejection response.
                 */
                public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
    $accepted = $this->validateCsrfToken($request);

    if (!$accepted) {
        // A caller-supplied failure handler takes precedence over the default response.
        if ($this->failureHandler !== null) {
            return $this->failureHandler->handle($request);
        }

        $status = Status::UNPROCESSABLE_ENTITY;
        $rejection = $this->responseFactory->createResponse($status);
        $rejection->getBody()->write(Status::TEXTS[$status]);

        return $rejection;
    }

    return $handler->handle($request);
}

            
withHeaderName() public method

public self withHeaderName ( string $name )
$name string

                /**
                 * Returns a copy of the middleware configured with a different header name.
                 *
                 * The instance this is called on is left unchanged. $name is stored exactly
                 * as given; no emptiness or format check is applied here.
                 *
                 * NOTE(review): presumably this is the request header validateCsrfToken()
                 * (not shown) reads the token from, so clients and any CORS allowed-headers
                 * configuration have to be kept in sync with it — confirm.
                 *
                 * @param string $name Header name to use.
                 *
                 * @return self New instance carrying the changed header name.
                 */
                public function withHeaderName(string $name): self
{
    $copy = clone $this;
    $copy->headerName = $name;

    return $copy;
}

            
withParameterName() public method

public self withParameterName ( string $name )
$name string

                /**
                 * Returns a copy of the middleware configured with a different parameter name.
                 *
                 * The instance this is called on is left unchanged. $name is stored exactly
                 * as given; no emptiness or format check is applied here.
                 *
                 * NOTE(review): presumably this is the request parameter validateCsrfToken()
                 * (not shown) reads the token from, so forms that embed the token must use
                 * the same name — confirm.
                 *
                 * @param string $name Parameter name to use.
                 *
                 * @return self New instance carrying the changed parameter name.
                 */
                public function withParameterName(string $name): self
{
    $copy = clone $this;
    $copy->parameterName = $name;

    return $copy;
}

            
withSafeMethods() public method

public self withSafeMethods ( array $methods )
$methods array

HTTP methods treated as "safe": requests that use them skip CSRF token validation, so list only methods that never change state.

                /**
                 * Returns a copy of the middleware with a replaced list of "safe" methods.
                 *
                 * The given array REPLACES the existing list; it is not merged with it. The
                 * instance this is called on is left unchanged.
                 *
                 * Security note: requests using a listed method skip CSRF token validation.
                 * Restrict the list to methods the application never uses to change state;
                 * adding a state-changing method switches the protection off for it.
                 *
                 * The entries are stored as given, without validation or case
                 * normalisation. How they are compared with the request method is decided
                 * in validateCsrfToken(), which is not shown here — if that comparison is
                 * strict, spelling and case must match exactly (confirm).
                 *
                 * @param array $methods HTTP method names (presumably strings such as 'GET').
                 *
                 * @return self New instance carrying the replaced list.
                 */
                public function withSafeMethods(array $methods): self
{
    $copy = clone $this;
    $copy->safeMethods = $methods;

    return $copy;
}