generated from nhcarrigan/template
27 lines
689 B
TypeScript
27 lines
689 B
TypeScript
/**
|
|
* @copyright 2026 NHCarrigan
|
|
* @license Naomi's Public License
|
|
* @author Naomi Carrigan
|
|
*/
|
|
|
|
import { FastifyPluginAsync, FastifyRequest } from "fastify";
|
|
import fastifyPlugin from "fastify-plugin";
|
|
import fastifyCsrf from "@fastify/csrf-protection";
|
|
|
|
const csrfPlugin: FastifyPluginAsync = async (app) => {
|
|
await app.register(fastifyCsrf, {
|
|
sessionPlugin: "@fastify/cookie",
|
|
cookieOpts: {
|
|
path: "/",
|
|
httpOnly: true,
|
|
secure: process.env.NODE_ENV === "production",
|
|
sameSite: "lax",
|
|
},
|
|
getToken: (request: FastifyRequest) => {
|
|
return request.headers["x-csrf-token"] as string;
|
|
},
|
|
});
|
|
};
|
|
|
|
export default fastifyPlugin(csrfPlugin);
|