13 lines
375 B
TypeScript
13 lines
375 B
TypeScript
import { Injectable, NestMiddleware } from '@nestjs/common';
|
|
import { NextFunction, Request, Response } from 'express';
|
|
|
|
@Injectable()
|
|
export class ValidateCSRFMiddleware implements NestMiddleware {
|
|
use(req: Request, res: Response, next: NextFunction) {
|
|
if (req.body.csrf !== req.session.csrf) {
|
|
return next(new Error('Invalid session'));
|
|
}
|
|
next();
|
|
}
|
|
}
|