VerifyCsrfToken class base

Middleware that verifies CSRF tokens on state-changing requests.

VerifyCsrfToken protects requests by comparing a token submitted with the request against the CSRF token stored in the user's session cookie.

Read-only requests are allowed through without verification. Mutating requests must provide a matching token or the middleware responds with 403 Forbidden.

Example:

router.post(
  '/profile',
  handler: (request) async => profileController.update(request),
  middleware: [VerifyCsrfToken.middleware],
);

Constructors

VerifyCsrfToken()

Properties

hashCode int
The hash code for this object.
no setterinherited
runtimeType Type
A representation of the runtime type of the object.
no setterinherited

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toString() String
A string representation of this object.
inherited

Operators

operator ==(Object other) bool
The equality operator.
inherited

Static Methods

middleware(HttpRequest request, Future<void> next()) Future
Verifies the CSRF token for the current request before continuing.