freeCodeCamp/api-server/server/middlewares/csurf.js

import csurf from 'csurf';

export default function() {
  const protection = csurf({
    cookie: {
      domain: process.env.COOKIE_DOMAIN || 'localhost'
    }
  });
  return function csrf(req, res, next) {
    const { path } = req;
    if (/^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/.test(path)) {
      return next();
    }
    return protection(req, res, next);
  };
}
Add csrf protection 2016-05-02 17:22:56 -07:00			`import csurf from 'csurf';`

			`export default function() {`
feat: Use prettier-eslint to format code 2019-02-18 19:32:49 +00:00			`const protection = csurf({`
			`cookie: {`
			`domain: process.env.COOKIE_DOMAIN \|\| 'localhost'`
feat(auth): Authorise 'external' requests through JWT (#17224) 2018-05-23 21:10:56 +01:00			`}`
feat: Use prettier-eslint to format code 2019-02-18 19:32:49 +00:00			`});`
Remove csrf from api calls 2016-05-02 21:11:49 -07:00			`return function csrf(req, res, next) {`
feat(api): add and update webhooks routing 2020-03-19 12:20:04 +05:30			`const { path } = req;`
			`if (/^\/hooks\/update-paypal$\|^\/hooks\/update-stripe$/.test(path)) {`
Remove csrf from api calls 2016-05-02 21:11:49 -07:00			`return next();`
			`}`
			`return protection(req, res, next);`
			`};`
Add csrf protection 2016-05-02 17:22:56 -07:00			`}`