Sha256: 84d9b29dfb90b20de07ff638c5c9e079be0b6037bb30128db3051c9e4f4ad699

Contents?: true

Size: 916 Bytes

Versions: 10

Compression:

Stored size: 916 Bytes

Contents

require "securerandom" # SecureRandom is used by Helper#token

class Cuba
  module Safe
    module CSRF
      def csrf
        @csrf ||= Cuba::Safe::CSRF::Helper.new(req)
      end

      class Helper
        attr :req

        def initialize(req)
          @req = req
        end

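        # Returns the session's CSRF token, creating it on first use:
        # 32 random bytes, Base64-encoded, stored in the Rack session.
        def token
          session[:csrf_token] ||= SecureRandom.base64(32)
        end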

        def reset!
          session.delete(:csrf_token)
        end

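        # GET and HEAD requests pass unchecked. Any other method must carry
        # the session token in the csrf_token parameter or the X-CSRF-Token
        # header. `token` never returns nil, so a request that sends neither
        # value is rejected. String#== is not a constant-time comparison.
        def safe?
          return req.get? || req.head? ||
            req[:csrf_token] == token ||
            req.env["HTTP_X_CSRF_TOKEN"] == token
        end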

        def unsafe?
          return !safe?
        end

        def form_tag
          return %Q(<input type="hidden" name="csrf_token" value="#{ token }">)
        end

        def meta_tag
          return %Q(<meta name="csrf_token" content="#{ token }">)
        end

        def session
          return req.env["rack.session"]
        end
      end
    end
  end
end

Version data entries

10 entries across 10 versions & 1 rubygems

Version Path
cuba-3.9.3 lib/cuba/safe/csrf.rb
cuba-3.9.2 lib/cuba/safe/csrf.rb
cuba-3.9.1 lib/cuba/safe/csrf.rb
cuba-3.9.0 lib/cuba/safe/csrf.rb
cuba-3.8.1 lib/cuba/safe/csrf.rb
cuba-3.8.0 lib/cuba/safe/csrf.rb
cuba-3.7.0 lib/cuba/safe/csrf.rb
cuba-3.6.0 lib/cuba/safe/csrf.rb
cuba-3.5.0 lib/cuba/safe/csrf.rb
cuba-3.4.0 lib/cuba/safe/csrf.rb