Module csrf 

CSRF (Cross-Site Request Forgery) Protection.

Spring Security Equivalent

Similar to Spring Security’s CSRF protection with CsrfFilter.

Features

• Token-based CSRF protection
• Session or cookie-based token storage
• Configurable ignored paths and methods
• Integration with form submissions and AJAX requests

Example

use actix_security_core::http::security::csrf::{CsrfProtection, CsrfConfig};

// Create CSRF protection middleware
let csrf = CsrfProtection::new(CsrfConfig::default());

App::new()
    .wrap(session_middleware)
    .wrap(csrf)  // Add CSRF protection
    .wrap(security_transform)

// In templates, include the CSRF token
// <input type="hidden" name="_csrf" value="{{csrf_token}}">

// For AJAX, send the token in a header
// X-CSRF-TOKEN: {{csrf_token}}

Structs

CsrfConfig

CSRF protection configuration.

CsrfMiddleware

CSRF middleware service.

CsrfProtection

CSRF protection middleware.

CsrfToken

CSRF Token.

SessionCsrfTokenRepository

Session-based CSRF token repository.

Enums

CsrfError

CSRF-related errors.

Traits

CsrfTokenRepository

Trait for storing and retrieving CSRF tokens.