class UnifiedCsrfPrevention::Middleware
Rack middleware to set the token and checksum cookies See github.com/xing/cross-application-csrf-prevention#token-generation
Public Class Methods
new(app)
click to toggle source
# File lib/unified_csrf_prevention/middleware.rb, line 9 def initialize(app) @app = app end
Public Instance Methods
call(env)
click to toggle source
# File lib/unified_csrf_prevention/middleware.rb, line 13 def call(env) status, headers, body = @app.call(env) if env.key?(Core::TOKEN_RACK_ENV_VAR) token = env[Core::TOKEN_RACK_ENV_VAR] set_csrf_cookies!(headers, token) Rails.logger.info("Set CSRF token: #{token}") end [status, headers, body] end