kjanat/livedash-node
1
0
Fork 0
mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 15:52:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: implement comprehensive CSRF protection

Browse Source
This commit is contained in:
Kaj Kowalski
2025-07-11 18:06:51 +02:00
committed by Kaj Kowalski
parent e7818f5e4f
commit 3e9e75e854
44 changed files with 14964 additions and 6413 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
app/api/csrf-token/route.ts Normal file
View File

@ -0,0 +1,19 @@
/**
* CSRF Token API Endpoint
*
* This endpoint provides CSRF tokens to clients for secure form submissions.
* It generates a new token and sets it as an HTTP-only cookie.
*/
import { NextRequest } from "next/server";
import { generateCSRFTokenResponse } from "../../../middleware/csrfProtection";
/**
* GET /api/csrf-token
*
* Generates and returns a new CSRF token.
* The token is also set as an HTTP-only cookie for automatic inclusion in requests.
*/
export function GET(request: NextRequest) {
return generateCSRFTokenResponse();
}

4
app/api/platform/companies/[id]/users/route.ts
View File

@ -75,8 +75,8 @@ export async function POST(
);
} else {
return NextResponse.json(
{
error: `Email already in use by a user in company: ${existingUser.company.name}. Each email address can only be used once across all companies.`
{
error: `Email already in use by a user in company: ${existingUser.company.name}. Each email address can only be used once across all companies.`
},
{ status: 400 }
);