{"_id":"csrf-tokens","_rev":"71736","name":"csrf-tokens","description":"primary logic behind csrf tokens","dist-tags":{"latest":"2.0.0"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"time":{"modified":"2021-06-03T10:23:35.000Z","created":"2014-06-08T21:46:41.232Z","2.0.0":"2014-06-18T09:13:54.116Z","1.0.4":"2014-06-11T01:17:52.212Z","1.0.3":"2014-06-08T22:06:55.043Z","1.0.2":"2014-06-08T22:02:41.123Z","1.0.1":"2014-06-08T21:52:24.071Z","1.0.0":"2014-06-08T21:46:41.232Z"},"users":{},"author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"versions":{"2.0.0":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"2.0.0","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1","scmp":"~0.0.3","uid-safe":"1","base64-url":"1"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@2.0.0","_shasum":"c821003fb8b6ad17bc977d6fd1a84bedc3ed619b","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"c821003fb8b6ad17bc977d6fd1a84bedc3ed619b","size":2844,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-2.0.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-2.0.0.tgz"},"directories":{},"publish_time":1403082834116,"_cnpm_publish_time":1403082834116,"_hasShrinkwrap":false},"1.0.4":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"1.0.4","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1","uid2":"~0.0.2","scmp":"~0.0.3"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@1.0.4","_shasum":"49672568b2703348644eacaf61cdbdc054ba56f2","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"49672568b2703348644eacaf61cdbdc054ba56f2","size":2611,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-1.0.4.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-1.0.4.tgz"},"directories":{},"publish_time":1402449472212,"_cnpm_publish_time":1402449472212,"_hasShrinkwrap":false},"1.0.3":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"1.0.3","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1","uid2":"~0.0.2","scmp":"~0.0.3"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@1.0.3","_shasum":"a2241f71903bc94f82c36adfae1d006fbb3b2c0e","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"a2241f71903bc94f82c36adfae1d006fbb3b2c0e","size":2467,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-1.0.3.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-1.0.3.tgz"},"directories":{},"publish_time":1402265215043,"_cnpm_publish_time":1402265215043,"_hasShrinkwrap":false},"1.0.2":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"1.0.2","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1","uid2":"~0.0.2","scmp":"~0.0.3"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@1.0.2","_shasum":"03b1206a7876baaf5d0e347a2bc566cdfa2ca30b","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"03b1206a7876baaf5d0e347a2bc566cdfa2ca30b","size":2468,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-1.0.2.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-1.0.2.tgz"},"directories":{},"publish_time":1402264961123,"_cnpm_publish_time":1402264961123,"_hasShrinkwrap":false},"1.0.1":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"1.0.1","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1","uid2":"~0.0.2","scmp":"~0.0.3"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@1.0.1","_shasum":"e32809736c63886d3e86862fb8ea0f053ca83003","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"e32809736c63886d3e86862fb8ea0f053ca83003","size":2360,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-1.0.1.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-1.0.1.tgz"},"directories":{},"publish_time":1402264344071,"_cnpm_publish_time":1402264344071,"_hasShrinkwrap":false},"1.0.0":{"name":"csrf-tokens","description":"primary logic behind csrf tokens","version":"1.0.0","author":{"name":"Jonathan Ong","email":"me@jongleberry.com","url":"http://jongleberry.com"},"license":"MIT","repository":{"type":"git","url":"git://github.com/expressjs/csrf-tokens"},"dependencies":{"rndm":"1"},"devDependencies":{"mocha":"1"},"scripts":{"test":"mocha --reporter spec"},"bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"homepage":"https://github.com/expressjs/csrf-tokens","_id":"csrf-tokens@1.0.0","_shasum":"2dd7d67afbda568428d5ac8a31f43c42ce62cc92","_from":".","_npmVersion":"1.4.9","_npmUser":{"name":"jongleberry","email":"jonathanrichardong@gmail.com"},"maintainers":[{"name":"jongleberry","email":"jonathanrichardong@gmail.com"}],"dist":{"shasum":"2dd7d67afbda568428d5ac8a31f43c42ce62cc92","size":2318,"noattachment":false,"key":"/csrf-tokens/-/csrf-tokens-1.0.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/csrf-tokens/download/csrf-tokens-1.0.0.tgz"},"directories":{},"publish_time":1402264001232,"_cnpm_publish_time":1402264001232,"_hasShrinkwrap":false}},"readme":"\n# CSRF Tokens\n\nLogic behind CSRF token creation and verification.\nRead [Understanding-CSRF](http://www.jongleberry.com/understanding-csrf.html) for more information on CSRF.\nUse this module to create custom CSRF middleware and what not.\n\n## API\n\n```js\nvar tokens = require('csrf-tokens')(options)\n\nvar secret = tokens.secretSync()\nvar token = tokens.create(secret)\nvar valid = tokens.verify(secret, token)\n```\n\nOptions:\n\n- `secretLength: 24` - the byte length of the secret key\n- `saltLength: 8` - the string length of the salt\n- `tokensize: (secret, salt) => token` - a custom token creation function\n\n### tokens.secret([cb])\n\nAsynchronously create a new `secret` of length `secretLength`.\nIf `cb` is not defined, a promise is returned.\nYou don't have to use this.\n\n```js\ntokens.secret().then(function (secret) {\n\n})\n\ntokens.secret(function (err, secret) {\n\n})\n```\n\n### var secret = tokens.secretSync()\n\nSynchronous version of `tokens.secret()`\n\n### var token = tokens.token(secret)\n\nCreate a CSRF token based on a `secret`.\nThis is the token you pass to clients.\n\n### var valid = tokens.verify(secret, token)\n\nCheck whether a CSRF token is valid based on a `secret`.\nIf it's not valid, you should probably throw a `403` error.\n","_attachments":{},"homepage":"https://github.com/expressjs/csrf-tokens","bugs":{"url":"https://github.com/expressjs/csrf-tokens/issues"},"license":"MIT"}