Class XSRFToken
java.lang.Object
services.moleculer.service.MoleculerComponent
services.moleculer.service.Service
services.moleculer.web.middleware.HttpMiddleware
services.moleculer.web.middleware.XSRFToken
- All Implemented Interfaces:
services.moleculer.service.MoleculerLifecycle, HttpConstants
This middleware adds "X-XSRF-TOKEN" header to responses. Sample:
restRoute.use(new XSRFToken());
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprotected StringName of the HTTP-cookie.protected booleanEnable XSRF-TOKEN cookie.protected StringName of the HTTP-header.protected static final org.slf4j.Loggerprotected longCookie / token timeout in SECONDS.protected StringCookie path.protected StringSecret.protected ThreadLocal<XSRFToken.TokenHandler> Fields inherited from class services.moleculer.service.MoleculerComponent
broker, nameFields inherited from interface HttpConstants
ACCEPT, ACCEPT_ENCODING, AUTHORIZATION, CACHE_CONTROL, CHUNKED, CLOSE, CONNECT, CONNECTION, CONTENT_ENCODING, CONTENT_LENGTH, CONTENT_TYPE, CONTENT_TYPE_HTML, CONTENT_TYPE_JSON, COOKIE, DEFLATE, DELETE, ETAG, GET, GZIP, HEAD, IF_NONE_MATCH, KEEP_ALIVE, LOCATION, META_CONTENT_TYPE, META_HEADERS, META_LOCALE, META_LOCATION, META_SESSION, META_STATUS, META_TEMPLATE, NO_CACHE, OPTIONS, PATCH, POST, PROPERTY_COOKIES, PROPERTY_SESSION_ID, PROPERTY_USER, PUT, SET_COOKIE, TRACE, TRANSFER_ENCODING, WWW_AUTHENTICATE, X_FORWARDED_FOR -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionlonggetPath()protected XSRFToken.TokenHandlerinstall(RequestProcessor next, io.datatree.Tree config) booleanvoidsetCookieName(String cookieName) voidsetEnableCookie(boolean enableCookie) voidsetHeaderName(String headerName) voidsetMaxAge(long maxAge) voidvoidMethods inherited from class services.moleculer.service.MoleculerComponent
getBroker, getLogger, getName, started, stopped
-
Field Details
-
logger
protected static final org.slf4j.Logger logger -
headerName
Name of the HTTP-header. -
cookieName
Name of the HTTP-cookie. -
secret
Secret. -
path
Cookie path. -
maxAge
protected long maxAgeCookie / token timeout in SECONDS. -
enableCookie
protected boolean enableCookieEnable XSRF-TOKEN cookie. -
tokenHandlers
-
-
Constructor Details
-
XSRFToken
public XSRFToken() -
XSRFToken
public XSRFToken(long maxAge)
-
-
Method Details
-
getThreadHandler
protected XSRFToken.TokenHandler getThreadHandler() throws InvalidKeyException, NoSuchAlgorithmException -
install
- Specified by:
installin classHttpMiddleware
-
getCookieName
- Returns:
- the cookieName
-
setCookieName
- Parameters:
cookieName- the cookieName to set
-
getPath
- Returns:
- the path
-
setPath
- Parameters:
path- the path to set
-
getMaxAge
public long getMaxAge()- Returns:
- the maxAge
-
setMaxAge
public void setMaxAge(long maxAge) - Parameters:
maxAge- the maxAge to set
-
getHeaderName
- Returns:
- the headerName
-
setHeaderName
- Parameters:
headerName- the headerName to set
-
getSecret
- Returns:
- the secret
-
setSecret
- Parameters:
secret- the secret to set
-
isEnableCookie
public boolean isEnableCookie()- Returns:
- the enableCookie
-
setEnableCookie
public void setEnableCookie(boolean enableCookie) - Parameters:
enableCookie- the enableCookie to set
-