@dr.pogodin/csurf

CSRF token middleware for ExpressJS

import type { NextFunction, Request, Response } from 'express';

import { type Options as TokensOptions } from './tokens';

// Global augmentation: every Express `Request` in a project that loads these
// typings gains the two members below, whether or not the middleware is
// actually mounted on the route being handled.
declare global {
  namespace Express {
    interface Request {
      // Returns a token string; per the middleware description below, this is
      // the value to embed in state-mutating requests.
      csrfToken: () => string;
      // Optional string attached to the request.
      // NOTE(review): presumably the per-visitor CSRF secret that tokens are
      // checked against. If so, it must never be echoed to the client or
      // written to logs. Confirm against the implementation.
      secret?: string;
    }
  }
}

// Shape accepted when `Options.cookie` is given as an object. Not exported.
// The property names mirror standard Set-Cookie attributes; how each one is
// applied is decided by the implementation, which is not visible here.
type CookieOptions = {
  domain?: string;
  // NOTE(review): presumably maps to the HttpOnly attribute, which keeps the
  // cookie out of reach of page scripts. Confirm the effective default.
  httpOnly?: boolean;
  // Required by this type whenever an object is supplied.
  // NOTE(review): presumably the cookie name. Confirm.
  key: string;
  // NOTE(review): units (seconds vs. milliseconds) are not stated in these
  // typings. Confirm before setting a lifetime.
  maxAge?: number;
  // Required by this type whenever an object is supplied.
  path: string;
  // Accepts the three string modes or `true`; `false` is not part of the type.
  // Browsers only honour SameSite=None on cookies that are also Secure.
  sameSite?: 'lax' | 'none' | 'strict' | true;
  // NOTE(review): presumably maps to the Secure attribute (HTTPS-only).
  // Confirm the effective default for production deployments.
  secure?: boolean;
  // NOTE(review): presumably selects a signed cookie, which would need a
  // cookie-signing secret configured elsewhere. Confirm.
  signed?: boolean;
};

// Public configuration type: everything in `TokensOptions` (declared in
// './tokens', not visible here) plus the middleware-level settings below.
export type Options = TokensOptions & {
  // `true` or an explicit CookieOptions object; omitted otherwise.
  // NOTE(review): presumably switches secret storage from the session to a
  // cookie, with `true` meaning "use defaults". Confirm what those defaults
  // are, in particular for httpOnly / secure / sameSite.
  cookie?: true | CookieOptions;
  // NOTE(review): presumably the HTTP methods exempt from token validation.
  // Any method listed here must never mutate state. Confirm the default list.
  ignoreMethods?: string[];
  // NOTE(review): presumably the name of the property on `req` that holds
  // the session object. Confirm.
  sessionKey?: string;
  // NOTE(review): presumably extracts the submitted token from the request
  // for validation. Reading it from a header or the request body is
  // preferable to the URL, which can leak via logs and Referer headers.
  value?: (req: Request) => string;
};

/**
 * CSRF protection middleware.
 *
 * This middleware adds a `req.csrfToken()` function that makes a token. The
 * token should be included in every request that mutates state, for example
 * in a hidden form field or a query-string parameter. It is validated against
 * the visitor's session.
 *
 * Deployment notes:
 * - A token placed in the query string can be recorded in server and proxy
 *   logs, browser history and `Referer` headers. Prefer a hidden form field
 *   or a custom request header where possible.
 * - NOTE(review): when the `cookie` option is set, validation presumably
 *   uses a cookie-held secret instead of the session. Confirm.
 *
 * @param options - Optional configuration; see {@link Options}.
 * @returns An Express-style middleware function `(req, res, next) => void`.
 * @public
 */
declare function csurf(options?: Options): (req: Request, res: Response, next: NextFunction) => void;

export default csurf;