icynet-auth-server/src/middleware/csrf.middleware.ts

import { Injectable, NestMiddleware } from '@nestjs/common';
import { NextFunction, Request, Response } from 'express';
import { TokenService } from 'src/modules/utility/services/token.service';

@Injectable()
export class CSRFMiddleware implements NestMiddleware {
  constructor(private readonly tokenService: TokenService) {}

  use(req: Request, res: Response, next: NextFunction) {
    // TODO: do not store in session, keep the amount of pointless sessions down
    if (!req.session.csrf) {
      req.session.csrf = this.tokenService.generateString(64);
    }
    next();
  }
}
Initial service setup 2022-03-09 18:37:04 +00:00			`import { Injectable, NestMiddleware } from '@nestjs/common';`
			`import { NextFunction, Request, Response } from 'express';`
			`import { TokenService } from 'src/modules/utility/services/token.service';`

			`@Injectable()`
			`export class CSRFMiddleware implements NestMiddleware {`
			`constructor(private readonly tokenService: TokenService) {}`

			`use(req: Request, res: Response, next: NextFunction) {`
oauth2 revokations 2022-03-20 14:50:12 +00:00			`// TODO: do not store in session, keep the amount of pointless sessions down`
Initial service setup 2022-03-09 18:37:04 +00:00			`if (!req.session.csrf) {`
			`req.session.csrf = this.tokenService.generateString(64);`
			`}`
			`next();`
			`}`
			`}`