lib/hanami/action/csrf_protection.rb in hanami-1.0.0.beta2 vs lib/hanami/action/csrf_protection.rb in hanami-1.0.0.beta3

- old
+ new

@@ -1,8 +1,9 @@ require 'securerandom' module Hanami + # @api private module Action # Invalid CSRF Token # # @since 0.4.0 class InvalidCSRFTokenError < ::StandardError @@ -152,10 +153,27 @@ # Decide if perform the check or not. # # Override and return <tt>false</tt> if you want to bypass security check. # # @since 0.4.0 + # + # @example + # module Web::Controllers::Books + # class Create + # include Web::Action + # + # def call(params) + # # ... + # end + # + # private + # + # def verify_csrf_token? + # false + # end + # end + # end def verify_csrf_token? !IDEMPOTENT_HTTP_METHODS[request_method] end # Handle CSRF attack. @@ -165,9 +183,26 @@ # Override this method, for custom handling. # # @raise [Hanami::Action::InvalidCSRFTokenError] # # @since 0.4.0 + # + # @example + # module Web::Controllers::Books + # class Create + # include Web::Action + # + # def call(params) + # # ... + # end + # + # private + # + # def handle_invalid_csrf_token + # # custom invalid CSRF management goes here + # end + # end + # end def handle_invalid_csrf_token session.clear raise InvalidCSRFTokenError.new end end
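Review bot: The `@example` added above `verify_csrf_token?` returns an unconditional `false` from a `Create` action, and the doc comment gives no condition under which that is safe. The default kept as context, `!IDEMPOTENT_HTTP_METHODS[request_method]`, skips the check only for the listed methods, so a reader who copies the example removes the check from exactly the kind of request it exists for. I would add a line before the example such as `# Only bypass the check for actions that do not authenticate through the session cookie (e.g. token-authenticated API endpoints).` An example that returns `false` conditionally rather than always would also be safer to copy. The rest of the module lies outside this hunk.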
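Review bot: The `@example` added above `handle_invalid_csrf_token` leaves the override body as a placeholder comment, while the default shown as context does two things: `session.clear` and `raise InvalidCSRFTokenError.new`. An override copied from the example would do neither. The code that calls this method is outside the hunk, but if it does not stop the request itself, the action would presumably carry on after a failed token check. I would have the example keep `session.clear` and finish by raising or halting. Alternatively, add `# A custom handler must still clear the session and stop the request.` to the doc comment.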