UNPKG

@edge-csrf/node-http

Version:

Edge-CSRF integration library for node's http module

github.com/kubetail-org/edge-csrf

kubetail-org/edge-csrf

94 lines (89 loc) 2.66 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
import { IncomingMessage, ServerResponse } from 'http'; /** * Represents cookie options in config */ declare class CookieOptions { domain: string; httpOnly: boolean; maxAge: number | undefined; name: string; partitioned: boolean | undefined; path: string; sameSite: boolean | 'none' | 'strict' | 'lax'; secure: boolean; constructor(opts?: Partial<CookieOptions>); } /** * Represents a function to retrieve token value from a request */ type TokenValueFunction = { (request: Request): Promise<string>; }; /** * Represents token options in config */ declare class TokenOptions { readonly fieldName: string; value: TokenValueFunction | undefined; _fieldNameRegex: RegExp; constructor(opts?: Partial<TokenOptions>); } /** * Represents CsrfProtect configuration object */ declare class Config { excludePathPrefixes: string[]; ignoreMethods: string[]; saltByteLength: number; secretByteLength: number; cookie: CookieOptions; token: TokenOptions; constructor(opts?: Partial<ConfigOptions>); } /** * Represents CsrfProtect configuration options object */ interface ConfigOptions extends Omit<Config, 'cookie' | 'token'> { cookie: Partial<CookieOptions>; token: Partial<TokenOptions>; } /** * Represents a generic CSRF protection error */ declare class CsrfError extends Error { } /** * Represents token options in config */ declare class NodeHttpTokenOptions extends TokenOptions { responseHeader: string; constructor(opts?: Partial<NodeHttpTokenOptions>); } /** * Represents configuration object */ declare class NodeHttpConfig extends Config { excludePathPrefixes: string[]; token: NodeHttpTokenOptions; constructor(opts?: Partial<NodeHttpConfigOptions>); } /** * Represents configuration options object */ interface NodeHttpConfigOptions extends Omit<ConfigOptions, 'token'> { token: Partial<NodeHttpTokenOptions>; } /** * Represents signature of CSRF protect function to be used in node-http request handlers */ type NodeHttpCsrfProtect = { (request: IncomingMessage, response: ServerResponse): Promise<void>; }; /** * Create CSRF protection function for use in node-http request handlers * @param {Partial<NodeHttpConfigOptions>} opts - Configuration options * @returns {NodeHttpCsrfProtect} - The CSRF protect function * @throws {CsrfError} - An error if CSRF validation failed */ declare function createCsrfProtect(opts?: Partial<NodeHttpConfigOptions>): NodeHttpCsrfProtect; export { CsrfError, NodeHttpConfig, type NodeHttpConfigOptions, type NodeHttpCsrfProtect, NodeHttpTokenOptions, createCsrfProtect };