13 lines
375 B
TypeScript
13 lines
375 B
TypeScript
|
import { Injectable, NestMiddleware } from '@nestjs/common';
|
||
|
import { NextFunction, Request, Response } from 'express';
|
||
|
|
||
|
@Injectable()
|
||
|
export class ValidateCSRFMiddleware implements NestMiddleware {
|
||
|
use(req: Request, res: Response, next: NextFunction) {
|
||
|
if (req.body.csrf !== req.session.csrf) {
|
||
|
return next(new Error('Invalid session'));
|
||
|
}
|
||
|
next();
|
||
|
}
|
||
|
}
|