diff options
| author | Igor Scheller <igor.scheller@igorshp.de> | 2018-09-03 15:33:13 +0100 |
|---|---|---|
| committer | msquare <msquare@notrademark.de> | 2018-11-21 19:24:36 +0100 |
| commit | 23c0fae36fb8159bcf8b95bae98555201146457e (patch) | |
| tree | 6a169114a47391adb1da701f630bb27d73e925d2 /src/Renderer | |
| parent | 8236989be066c51c5f57884bcc42dbc387794651 (diff) | |
Added csrf middleware
Diffstat (limited to 'src/Renderer')
| -rw-r--r-- | src/Renderer/Twig/Extensions/Csrf.php | 48 | ||||
| -rw-r--r-- | src/Renderer/TwigServiceProvider.php | 4 |
2 files changed, 51 insertions, 1 deletions
diff --git a/src/Renderer/Twig/Extensions/Csrf.php b/src/Renderer/Twig/Extensions/Csrf.php new file mode 100644 index 00000000..9f77df80 --- /dev/null +++ b/src/Renderer/Twig/Extensions/Csrf.php @@ -0,0 +1,48 @@ +<?php + +namespace Engelsystem\Renderer\Twig\Extensions; + +use Symfony\Component\HttpFoundation\Session\SessionInterface; +use Twig_Extension as TwigExtension; +use Twig_Function as TwigFunction; + +class Csrf extends TwigExtension +{ + /** @var SessionInterface */ + protected $session; + + /** + * @param SessionInterface $session + */ + public function __construct(SessionInterface $session) + { + $this->session = $session; + } + + /** + * @return TwigFunction[] + */ + public function getFunctions() + { + return [ + new TwigFunction('csrf', [$this, 'getCsrfField'], ['is_safe' => ['html']]), + new TwigFunction('csrf_token', [$this, 'getCsrfToken']), + ]; + } + + /** + * @return string + */ + public function getCsrfField() + { + return sprintf('<input type="hidden" name="_token" value="%s">', $this->getCsrfToken()); + } + + /** + * @return string + */ + public function getCsrfToken() + { + return $this->session->get('_token'); + } +} diff --git a/src/Renderer/TwigServiceProvider.php b/src/Renderer/TwigServiceProvider.php index 49a0eb90..57ebe9e5 100644 --- a/src/Renderer/TwigServiceProvider.php +++ b/src/Renderer/TwigServiceProvider.php @@ -4,9 +4,10 @@ namespace Engelsystem\Renderer; use Engelsystem\Config\Config as EngelsystemConfig; use Engelsystem\Container\ServiceProvider; -use Engelsystem\Renderer\Twig\Extensions\Authentication; use Engelsystem\Renderer\Twig\Extensions\Assets; +use Engelsystem\Renderer\Twig\Extensions\Authentication; use Engelsystem\Renderer\Twig\Extensions\Config; +use Engelsystem\Renderer\Twig\Extensions\Csrf; use Engelsystem\Renderer\Twig\Extensions\Globals; use Engelsystem\Renderer\Twig\Extensions\Legacy; use Engelsystem\Renderer\Twig\Extensions\Session; @@ -23,6 +24,7 @@ class TwigServiceProvider extends ServiceProvider 'assets' => Assets::class, 'authentication' => Authentication::class, 'config' => Config::class, + 'csrf' => Csrf::class, 'globals' => Globals::class, 'session' => Session::class, 'legacy' => Legacy::class, |