CSRF Extension

Before reading this, it may be prudent to first read about Centum’s CSRF component.

This extension provides a quick shortcut to the Centum\Interfaces\Http\Csrf\StorageInterface interface in the form of a function.

First, the extension needs to be added to Twig:

use Centum\Interfaces\Http\Csrf\StorageInterface;
use Centum\Twig\CsrfExtension;
use Twig\Environment;

/** @var Environment $twig */

/** @var StorageInterface $csrfStorage */

$twig->addExtension(
    new CsrfExtension($csrfStorage)
);

Then, in your Twig templates, call the csrf() function inside a form. It renders a hidden <input> whose value is the CSRF token:

<form method="post">
    {# POST keeps the token in the request body instead of the URL #}
    {{ csrf() }}

    <!-- rest of the form -->
</form>

This extension also provides the csrfValue() function, which returns the raw CSRF value. This is useful for AJAX form submissions:

$.post(
    {
        url: "/update-password",
        data: {
            "newPassword":        $("#newPassword").val(),
            "newPasswordConfirm": $("#newPasswordConfirm").val(),
            "csrf":               "{{ csrfValue() }}"
        }
    }
);
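
When several AJAX calls need the token, it can be rendered once with csrfValue() and attached in one place. The following is an added example, not part of Centum: addCsrf, PAGE_ORIGIN, the meta tag and the sample token are assumptions for illustration. It adds the "csrf" field only to state-changing requests that target the page's own origin, so the token never ends up in a query string or in a request to another site.

```javascript
// Added example: addCsrf and the sample values are hypothetical, not Centum APIs.

// Methods that change state and therefore need the token.
const UNSAFE_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);

/**
 * Return a copy of `data` with the CSRF token added, but only when the
 * request changes state and targets the page's own origin.
 *
 * @param {string} method     HTTP method of the request
 * @param {string} url        absolute or relative request URL
 * @param {object} data       form fields to send
 * @param {string} token      value rendered once by {{ csrfValue() }}
 * @param {string} pageOrigin origin of the page, e.g. window.location.origin
 */
function addCsrf(method, url, data, token, pageOrigin) {
    if (!UNSAFE_METHODS.has(method.toUpperCase())) {
        return { ...data }; // GET/HEAD: keep the token out of query strings
    }
    // Resolve relative and protocol-relative URLs the way the browser would.
    const target = new URL(url, pageOrigin);
    if (target.origin !== new URL(pageOrigin).origin) {
        return { ...data }; // cross-origin: never disclose the token
    }
    if (!token) {
        throw new Error("CSRF token missing; was csrfValue() rendered into the page?");
    }
    return { ...data, csrf: token };
}

// Constructed sample values. In the browser they would come from the page:
//   <meta name="csrf" content="{{ csrfValue() }}">
//   const token = document.querySelector('meta[name="csrf"]').content;
const PAGE_ORIGIN = "https://app.example";
const SAMPLE_TOKEN = "constructed-sample-token";

function demo() {
    const fields = { newPassword: "x", newPasswordConfirm: "x" };
    return {
        sameOrigin: addCsrf("post", "/update-password", fields, SAMPLE_TOKEN, PAGE_ORIGIN),
        crossOrigin: addCsrf("POST", "https://other.example/collect", fields, SAMPLE_TOKEN, PAGE_ORIGIN),
        protocolRelative: addCsrf("POST", "//other.example/collect", fields, SAMPLE_TOKEN, PAGE_ORIGIN),
        safeMethod: addCsrf("GET", "/profile", { q: "1" }, SAMPLE_TOKEN, PAGE_ORIGIN),
    };
}
```

With jQuery, the returned object can be passed as the data option of $.post in place of the inline field list shown above.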