object CSRF
- Source
- CSRF.scala
Linear Supertypes
Ordering
- Alphabetic
- By Inheritance
Inherited
- CSRF
- AnyRef
- Any
- Hide All
- Show All
Visibility
- Public
- All
Type Members
- type CSRFCheckFailed = CSRFCheckFailed.type
- abstract type CSRFToken
Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- val CSRFTokenLength: Int
- val SHA1ByteLen: Int
- val SigningAlgo: String
-
def
apply[F[_], G[_]](headerName: CaseInsensitiveString = ..., cookieName: String = "csrf-token", clock: Clock = Clock.systemUTC(), secure: Boolean = false, onFailure: Response[G] = Response[G](Status.Forbidden), createIfNotFound: Boolean = true, key: SecretKey, headerCheck: (Request[G]) ⇒ Boolean)(implicit arg0: Sync[F], arg1: Applicative[G]): CSRF[F, G]
Default method for constructing CSRF middleware *
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
buildSigningKey[F[_]](array: Array[Byte])(implicit F: Sync[F]): F[SecretKey]
Build a new HMACSHA1 Key for our CSRF Middleware from key bytes.
Build a new HMACSHA1 Key for our CSRF Middleware from key bytes. This operation is unsafe, in that any amount less than 20 bytes will throw an exception when loaded into
Mac
, and any value above will be truncated (not good for entropy).Use for loading a key from a config file, after having generated one safely
-
def
clone(): AnyRef
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )
-
def
default[F[_], G[_]](headerName: CaseInsensitiveString = ..., cookieName: String = "csrf-token", clock: Clock = Clock.systemUTC(), secure: Boolean = false, onFailure: Response[G] = Response[G](Status.Forbidden), createIfNotFound: Boolean = true, key: SecretKey, host: String, sc: Scheme, port: Option[Int])(implicit arg0: Sync[F], arg1: Applicative[G]): CSRF[F, G]
Default method for constructing CSRF middleware *
-
def
defaultOriginCheck[F[_]](r: Request[F], host: String, sc: Scheme, port: Option[Int]): Boolean
Check origin matches our proposed origin.
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
finalize(): Unit
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
def
generateSigningKey[F[_]]()(implicit F: Sync[F]): F[SecretKey]
Generate a signing Key for the CSRF token *
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
isEqual(s1: String, s2: String): Boolean
A Constant-time string equality *
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- def proxyOriginCheck[F[_]](r: Request[F], host: Host, xff: X-Forwarded-For): Boolean
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
-
def
tokensEqual(s1: CSRFToken, s2: CSRFToken): Boolean
A Constant-time string equality *
- def unlift(s: CSRFToken): String
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )
-
def
withGeneratedKey[F[_], G[_]](headerName: CaseInsensitiveString = ..., cookieName: String = "csrf-token", clock: Clock = Clock.systemUTC(), secure: Boolean = false, onFailure: Response[G] = Response[G](Status.Forbidden), createIfNotFound: Boolean = true, headerCheck: (Request[G]) ⇒ Boolean)(implicit arg0: Sync[F], arg1: Applicative[G]): F[CSRF[F, G]]
Sugar for instantiating a middleware by generating a key *
-
def
withKeyBytes[F[_], G[_]](keyBytes: Array[Byte], headerName: CaseInsensitiveString = ..., cookieName: String = "csrf-token", clock: Clock = Clock.systemUTC(), onFailure: Response[G] = Response[G](Status.Forbidden), secure: Boolean = false, createIfNotFound: Boolean = true, headerCheck: (Request[G]) ⇒ Boolean)(implicit arg0: Sync[F], arg1: Applicative[G]): F[CSRF[F, G]]
Sugar for pre-loading a key *
- object CSRFCheckFailed extends Exception with NoStackTrace with Product with Serializable