Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

uncsrf

morgbn326.8kMIT1.2.0TypeScript support: included

Single API for CSRF functions, working in Node.js, Browsers and other runtimes

csrf

readme

uncsrf

npm version npm downloads Github Actions CI License

This library provides a single api to create and verify csrf token. It use web-crypto for non Node.js target and node:crypto using Conditional Exports.

Requirements:

  • Node.js
  • Browser: Secure Context (HTTPS/Localhost) in Supported Browsers
  • Other Runtimes: Exposed globalThis.crypto and globalThis.crypto.subtle. (you can polyfill if needed)

Usage

Install package:

# npm
npm install uncsrf

# yarn
yarn add uncsrf

# pnpm
pnpm install uncsrf

Import:

// ESM
import { importEncryptSecret, create, verify } from "uncsrf";

// CommonJS
const { importEncryptSecret, create, verify } = require("uncsrf");

Development

  • Clone this repository
  • Install latest LTS version of Node.js
  • Enable Corepack using corepack enable
  • Install dependencies using pnpm install
  • Run interactive tests using pnpm dev

License

Made with 💛, inspired by uncrypto.

Published under MIT License.

changelog

1.2.0 (2024-10-29)

Features

  • :art: export randomEncryptSecret (0f28049)

1.1.1 (2023-09-09)

Bug Fixes

  • :art: make encryptAlgorithm optional (80a2a62)

1.1.0 (2023-07-03)

Features

  • :sparkles: add randomSecret() (0dc0a3f)

1.0.0 (2023-07-01)

Features

  • :sparkles: csrf for node & web (cc25147)