Trait csrf::CsrfProtection [] [src]

pub trait CsrfProtection: Send + Sync {
    fn from_password(password: &[u8]) -> Self;

    fn generate_cookie(
        &self, 
        token_value: &[u8; 64], 
        ttl_seconds: i64
    ) -> Result<CsrfCookie, CsrfError>;

    fn generate_token(
        &self, 
        token_value: &[u8; 64]
    ) -> Result<CsrfToken, CsrfError>;

    fn parse_cookie(
        &self, 
        cookie: &[u8]
    ) -> Result<UnencryptedCsrfCookie, CsrfError>;

    fn parse_token(
        &self, 
        token: &[u8]
    ) -> Result<UnencryptedCsrfToken, CsrfError>;

    fn rng(&self) -> &SystemRandom;

    fn verify_token_pair(
        &self, 
        token: &UnencryptedCsrfToken, 
        cookie: &UnencryptedCsrfCookie
    ) -> bool { ... }

    fn random_bytes(&self, buf: &mut [u8]) -> Result<(), CsrfError> { ... }

    fn generate_token_pair(
        &self, 
        previous_token_value: Option<&[u8; 64]>, 
        ttl_seconds: i64
    ) -> Result<(CsrfToken, CsrfCookie), CsrfError> { ... }
}

The base trait that allows a developer to add CSRF protection to an application.

Required Methods

Use a key derivation function (KDF) to generate key material.

Panics

This function may panic if the underlying crypto library fails catastrophically.

Given a nonce and a time to live (TTL), create a cookie to send to the end user.

Given a nonce, create a token to send to the end user.

Given a decoded byte array, deserialize, decrypt, and verify the cookie.

Given a decoded byte array, deserialize, decrypt, and verify the token.

Provide a random number generator for other functions.

Provided Methods

Given a token pair that has been parsed, decoded, decrypted, and verified, return whether or not the token matches the cookie and they have not expired.

Given a buffer, fill it with random bytes or error if this is not possible.

Given an optional previous token and a TTL, generate a matching token and cookie pair.

Implementors