Giraffe.Antiforgery 1.0.0

.NET Standard 2.0
NuGet\Install-Package Giraffe.Antiforgery -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
dotnet add package Giraffe.Antiforgery --version 1.0.0
<PackageReference Include="Giraffe.Antiforgery" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Giraffe.Antiforgery --version 1.0.0
#r "nuget: Giraffe.Antiforgery, 1.0.0"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install Giraffe.Antiforgery as a Cake Addin
#addin nuget:?package=Giraffe.Antiforgery&version=1.0.0

// Install Giraffe.Antiforgery as a Cake Tool
#tool nuget:?package=Giraffe.Antiforgery&version=1.0.0

Giraffe.Antiforgery

Provides support for CSRF token generation and validation using the Microsoft.AspNetCore.Antiforgery package.

Getting Started

open Giraffe.Antiforgery
open Giraffe.GiraffeViewEngine.Antiforgery

// rest of code

let formView (token : AntiforgeryTokenSet) = 
    html [] [
        body [] [
                form [ _method "post" ] [
                        antiforgeryInput token
                        input [ _type "submit"; _value "Submit" ]
                    ]                                
            ]
    ]
	
let csrfHandler (token : AntiforgeryTokenSet) : HttpHandler = 
    fun (next: HttpFunc) (ctx : HttpContext) ->                                
        htmlView (formView token) next ctx

let webApp =
    choose [
        GET >=> choose [
                // using htmlView helper
                route "/token" >=> choose [ 
                        GET  >=> csrfHtmlView formView
                        POST >=> requiresCsrfToken (text "intruder!") >=> text "oh hi there ;)" 
                    ]
                // manual token handler
                route "/token" >=> choose [ 
                    GET  >=> csrfTokenizer csrfHandler
                    POST >=> requiresCsrfToken (text "intruder!") >=> text "oh hi there ;)" 
                ]
                route "/" >=> text "hello" 
            ]
        RequestErrors.NOT_FOUND "Not Found"
    ]

// rest of code

Handlers

csrfTokenizer

Generates a CSRF token using the Microsoft.AspNetCore.Antiforgery package, which is fed into the provided handler.

csrfTokenizer: (handler : AntiforgeryTokenSet -> HttpHandler) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult

csrfHtmlView

Injects a newly generated CSRF token into a Giraffe.GiraffeViewEngine.XmlNode. Think enriched htmlView.

csrfHtmlView: (view : AntiforgeryTokenSet -> XmlNode) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult

requiresCsrfToken

Checks the presence and validity of CSRF token and calls invalidTokenHandler on failure. Analogous to requiresAuthentication.

requiresCsrfToken: (invalidTokenHandler : HttpHandler) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult

Html

antiforgeryInput

Generates the hidden CSRF input using the Giraffe.GiraffeViewEngine

antiforgeryInput (token : AntiforgeryTokenSet) -> XmlNode

Requires open Giraffe.GiraffeViewEngine.Antiforgery

Product Versions
.NET net5.0 net5.0-windows net6.0 net6.0-android net6.0-ios net6.0-maccatalyst net6.0-macos net6.0-tvos net6.0-windows
.NET Core netcoreapp2.0 netcoreapp2.1 netcoreapp2.2 netcoreapp3.0 netcoreapp3.1
.NET Standard netstandard2.0 netstandard2.1
.NET Framework net461 net462 net463 net47 net471 net472 net48
MonoAndroid monoandroid
MonoMac monomac
MonoTouch monotouch
Tizen tizen40 tizen60
Xamarin.iOS xamarinios
Xamarin.Mac xamarinmac
Xamarin.TVOS xamarintvos
Xamarin.WatchOS xamarinwatchos
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.0 757 3/26/2020