VerifyCsrfToken class base
Middleware that verifies CSRF tokens on state-changing requests.
VerifyCsrfToken protects requests by comparing a token submitted with the
request against the CSRF token stored in the user's session cookie.
Read-only requests are allowed through without verification. Mutating
requests must provide a matching token or the middleware responds with
403 Forbidden.
Example:
router.post(
'/profile',
handler: (request) async => profileController.update(request),
middleware: [VerifyCsrfToken.middleware],
);
Constructors
Properties
- hashCode → int
-
The hash code for this object.
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited
Static Methods
-
middleware(
HttpRequest request, Future< void> next()) → Future - Verifies the CSRF token for the current request before continuing.