Trait CsrfProtection

Source

pub trait CsrfProtection: Send + Sync {
    // Required methods
    fn generate_cookie(
        &self,
        token_value: &[u8; 64],
        ttl_seconds: i64,
    ) -> Result<CsrfCookie, CsrfError>;
    fn generate_token(
        &self,
        token_value: &[u8; 64],
    ) -> Result<CsrfToken, CsrfError>;
    fn parse_cookie(
        &self,
        cookie: &[u8],
    ) -> Result<UnencryptedCsrfCookie, CsrfError>;
    fn parse_token(
        &self,
        token: &[u8],
    ) -> Result<UnencryptedCsrfToken, CsrfError>;

    // Provided methods
    fn verify_token_pair(
        &self,
        token: &UnencryptedCsrfToken,
        cookie: &UnencryptedCsrfCookie,
    ) -> Result<(), CsrfError> { ... }
    fn random_bytes(&self, buf: &mut [u8]) -> Result<(), CsrfError> { ... }
    fn generate_token_pair(
        &self,
        previous_token_value: Option<&[u8; 64]>,
        ttl_seconds: i64,
    ) -> Result<(CsrfToken, CsrfCookie), CsrfError> { ... }
}

Expand description

The base trait that allows a developer to add CSRF protection to an application.

Required Methods§

Source

fn generate_cookie( &self, token_value: &[u8; 64], ttl_seconds: i64, ) -> Result<CsrfCookie, CsrfError>

Given a nonce and a time to live (TTL), create a cookie to send to the end user.

Source

fn generate_token(&self, token_value: &[u8; 64]) -> Result<CsrfToken, CsrfError>

Given a nonce, create a token to send to the end user.

Source

fn parse_cookie( &self, cookie: &[u8], ) -> Result<UnencryptedCsrfCookie, CsrfError>

Given a decoded byte array, deserialize, decrypt, and verify the cookie.

Source

fn parse_token(&self, token: &[u8]) -> Result<UnencryptedCsrfToken, CsrfError>

Given a decoded byte array, deserialize, decrypt, and verify the token.

Provided Methods§

Source

fn verify_token_pair( &self, token: &UnencryptedCsrfToken, cookie: &UnencryptedCsrfCookie, ) -> Result<(), CsrfError>

Given a token pair that has been parsed, decoded, decrypted, and verified, return whether or not the token matches the cookie and they have not expired.

Source

fn random_bytes(&self, buf: &mut [u8]) -> Result<(), CsrfError>

Given a buffer, fill it with random bytes or error if this is not possible.

Source

fn generate_token_pair( &self, previous_token_value: Option<&[u8; 64]>, ttl_seconds: i64, ) -> Result<(CsrfToken, CsrfCookie), CsrfError>

Given an optional previous token and a TTL, generate a matching token and cookie pair.

Implementors§

Source §

Trait CsrfProtectionCopy item path

Required Methods§

fn generate_cookie( &self, token_value: &[u8; 64], ttl_seconds: i64, ) -> Result<CsrfCookie, CsrfError>

fn generate_token(&self, token_value: &[u8; 64]) -> Result<CsrfToken, CsrfError>

fn parse_cookie( &self, cookie: &[u8], ) -> Result<UnencryptedCsrfCookie, CsrfError>

fn parse_token(&self, token: &[u8]) -> Result<UnencryptedCsrfToken, CsrfError>

Provided Methods§

fn verify_token_pair( &self, token: &UnencryptedCsrfToken, cookie: &UnencryptedCsrfCookie, ) -> Result<(), CsrfError>

fn random_bytes(&self, buf: &mut [u8]) -> Result<(), CsrfError>

fn generate_token_pair( &self, previous_token_value: Option<&[u8; 64]>, ttl_seconds: i64, ) -> Result<(CsrfToken, CsrfCookie), CsrfError>

Implementors§

impl CsrfProtection for AesGcmCsrfProtection

impl CsrfProtection for ChaCha20Poly1305CsrfProtection

impl CsrfProtection for HmacCsrfProtection

impl CsrfProtection for MultiCsrfProtection

Trait CsrfProtection