Attribute Macro rocket_csrf_guard::with_csrf_token
source · #[with_csrf_token]
Expand description
Macro to enable CSRF protection for a given rocket::form::Form
.
By default, it will add a String field called csrf_token
and implement
WithUserProvidedCsrfToken
so that the form can integrate
with the rest of the rocket_csrf_guard
ecosystem for CSRF checks.
The behavior of this macro can be customized a little:
- If the form has a singular lifetime
'a
, the generatedcsrf_token
field will be of type&'a str
- If you would like to use a different name for the field, pass it as an argument,
like
#[with_csrf_token("field_name")]
- If there is a pre-existing field with the specified (or default) name, no field
will be added - it will just implement the
WithUserProvidedCsrfToken
trait.
For more detailed examples, look at the derive_
examples in the examples/ folder.