Add AuthenticityToken component in makerkit
This new component, AuthenticityToken, is added to fetch CSRF token from the 'meta' tags. This is used to prevent Cross Site Request Forgery on forms by embedding a CSRF token as a hidden input field. When the form is submitted, the server can verify whether the request was legitimate by checking the CSRF token. This enhances the security of the application.
This commit is contained in:
giancarlo
17
packages/ui/src/makerkit/AuthenticityToken.tsx
Normal file
17
packages/ui/src/makerkit/AuthenticityToken.tsx
Normal file
@@ -0,0 +1,17 @@
|
||||
'use client';
|
||||
|
||||
export function AuthenticityToken() {
|
||||
const token = useCsrfToken();
|
||||
|
||||
return <input type="hidden" name="csrf_token" value={token} />;
|
||||
}
|
||||
|
||||
function useCsrfToken() {
|
||||
if (typeof window === 'undefined') return '';
|
||||
|
||||
return (
|
||||
document
|
||||
.querySelector('meta[name="csrf-token"]')
|
||||
?.getAttribute('content') ?? ''
|
||||
);
|
||||
}
|
||||
Reference in New Issue
Block a user