authorIgor Scheller <igor.scheller@igorshp.de>2018-09-03 15:33:13 +0100
committermsquare <msquare@notrademark.de>2018-11-21 19:24:36 +0100
commit23c0fae36fb8159bcf8b95bae98555201146457e (patch)
tree6a169114a47391adb1da701f630bb27d73e925d2 /src/Renderer
parent8236989be066c51c5f57884bcc42dbc387794651 (diff)
Added csrf middleware
Diffstat (limited to 'src/Renderer')
-rw-r--r--src/Renderer/Twig/Extensions/Csrf.php48
-rw-r--r--src/Renderer/TwigServiceProvider.php4
2 files changed, 51 insertions, 1 deletions
diff --git a/src/Renderer/Twig/Extensions/Csrf.php b/src/Renderer/Twig/Extensions/Csrf.php
new file mode 100644
index 00000000..9f77df80
--- /dev/null
+++ b/src/Renderer/Twig/Extensions/Csrf.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace Engelsystem\Renderer\Twig\Extensions;
+
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
+use Twig_Extension as TwigExtension;
+use Twig_Function as TwigFunction;
+
+class Csrf extends TwigExtension
+{
+ /** @var SessionInterface */
+ protected $session;
+
+ /**
+ * @param SessionInterface $session
+ */
+ public function __construct(SessionInterface $session)
+ {
+ $this->session = $session;
+ }
+
+ /**
+ * @return TwigFunction[]
+ */
+ public function getFunctions()
+ {
+ return [
+ new TwigFunction('csrf', [$this, 'getCsrfField'], ['is_safe' => ['html']]),
+ new TwigFunction('csrf_token', [$this, 'getCsrfToken']),
+ ];
+ }
+
+ /**
+ * @return string
+ */
+ public function getCsrfField()
+ {
+ return sprintf('<input type="hidden" name="_token" value="%s">', $this->getCsrfToken());
+ }
+
+ /**
+ * @return string
+ */
+ public function getCsrfToken()
+ {
+ return $this->session->get('_token');
+ }
+}
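Review bot: In `getCsrfField()` the session value is interpolated into the `value` attribute without escaping, and the `csrf` function is registered with `'is_safe' => ['html']`, so Twig's autoescaping will not touch the result either. The code that generates `_token` is not visible in this diff; if it only emits alphanumeric characters this is harmless, but the extension should not rely on that: `return sprintf('<input type="hidden" name="_token" value="%s">', htmlspecialchars((string)$this->getCsrfToken(), ENT_QUOTES, 'UTF-8'));`. Separately, `getCsrfToken()` is documented as `@return string`, yet `$this->session->get('_token')` returns null when nothing is stored under that key, and the field would then render with an empty `value`. Either document the return as `string|null`, or ensure the middleware always seeds the token before any template renders.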
diff --git a/src/Renderer/TwigServiceProvider.php b/src/Renderer/TwigServiceProvider.php
index 49a0eb90..57ebe9e5 100644
--- a/src/Renderer/TwigServiceProvider.php
+++ b/src/Renderer/TwigServiceProvider.php
@@ -4,9 +4,10 @@ namespace Engelsystem\Renderer;
use Engelsystem\Config\Config as EngelsystemConfig;
use Engelsystem\Container\ServiceProvider;
-use Engelsystem\Renderer\Twig\Extensions\Authentication;
use Engelsystem\Renderer\Twig\Extensions\Assets;
+use Engelsystem\Renderer\Twig\Extensions\Authentication;
use Engelsystem\Renderer\Twig\Extensions\Config;
+use Engelsystem\Renderer\Twig\Extensions\Csrf;
use Engelsystem\Renderer\Twig\Extensions\Globals;
use Engelsystem\Renderer\Twig\Extensions\Legacy;
use Engelsystem\Renderer\Twig\Extensions\Session;
@@ -23,6 +24,7 @@ class TwigServiceProvider extends ServiceProvider
'assets' => Assets::class,
'authentication' => Authentication::class,
'config' => Config::class,
+ 'csrf' => Csrf::class,
'globals' => Globals::class,
'session' => Session::class,
'legacy' => Legacy::class,