Remix Utils - v9.0.0
    Preparing search index...

    Class CSRF

    Index

    Constructors

    constructor

    Methods

    commitToken generate getToken validate

    Constructors

    Methods

    • Generates a token and serialize it into the cookie.

      Parameters

      • requestOrHeaders: Request | Headers = ...

        A request or headers object from which we can get the cookie to get the existing token.

      • bytes: number = 32

        The number of bytes used to generate the token

      Returns Promise<readonly [string, null | string]>

      A tuple with the token and the string to send in Set-Cookie If there's already a csrf value in the cookie then the token will be the same and the cookie will be null.

      let [token, cookie] = await csrf.commitToken(request);
      return json({ token }, {
        headers: { "set-cookie": cookie }
      })

    • Generates a random string in Base64URL to be used as an authenticity token for CSRF protection.

      Parameters

      • bytes: number = 32

        The number of bytes used to generate the token

      Returns string

      A random string in Base64URL

    • Get the existing token from the cookie or generate a new one if it doesn't exist.

      Parameters

      • requestOrHeaders: Request | Headers = ...

        A request or headers object from which we can get the cookie to get the existing token.

      • bytes: number = 32

        The number of bytes used to generate the token.

      Returns Promise<string>

      The existing token if it exists in the cookie, otherwise a new token.

    • Verify if a request and cookie has a valid CSRF token.

      Parameters

      Returns Promise<void>

      export async function action({ request }: Route.ActionArgs) {
        await csrf.validate(request);
        // the request is authenticated and you can do anything here
      }

      export async function action({ request }: Route.ActionArgs) {
        let formData = await request.formData()
        await csrf.validate(formData, request.headers);
        // the request is authenticated and you can do anything here
      }

      export async function action({ request }: Route.ActionArgs) {
        let formData = await parseMultipartFormData(request);
        await csrf.validate(formData, request.headers);
        // the request is authenticated and you can do anything here
      }

    • Verify if a request and cookie has a valid CSRF token.

      Parameters

      Returns Promise<void>

      export async function action({ request }: Route.ActionArgs) {
        await csrf.validate(request);
        // the request is authenticated and you can do anything here
      }

      export async function action({ request }: Route.ActionArgs) {
        let formData = await request.formData()
        await csrf.validate(formData, request.headers);
        // the request is authenticated and you can do anything here
      }

      export async function action({ request }: Route.ActionArgs) {
        let formData = await parseMultipartFormData(request);
        await csrf.validate(formData, request.headers);
        // the request is authenticated and you can do anything here
      }

    Settings

    Member Visibility

    On This Page

    Constructors
    Methods