Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[FrameworkBundle][TwigBridge] make csrf_token() usable without forms #25197

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Mar 21, 2018
Merged

[FrameworkBundle][TwigBridge] make csrf_token() usable without forms #25197

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
make csrf_token() usable without forms 
The Twig function `csrf_token()` is currently only registered when the
Form component is installed. However, this function is also useful, for
example, when creating simple login forms for which you do not need the
full Form component.
  • Loading branch information
@xabbuh
xabbuh committed Nov 30, 2017
commit 709efa30fc4b4e67e14ffb60ac004187703c90c6
44 changes: 44 additions & 0 deletions 44 src/Symfony/Bridge/Twig/Extension/CsrfExtension.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Bridge\Twig\Extension;

use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
use Twig\Extension\AbstractExtension;
use Twig\TwigFunction;

/**
* @author Christian Flothmann <christian.flothmann@sensiolabs.de>
*/
class CsrfExtension extends AbstractExtension
{
private $csrfTokenManager;

public function __construct(CsrfTokenManagerInterface $csrfTokenManager)
{
$this->csrfTokenManager = $csrfTokenManager;
}

/**
* {@inheritdoc}
*/
public function getFunctions(): array
{
return array(
new TwigFunction('csrf_token', array($this, 'getCsrfToken')),
);
}

public function getCsrfToken(string $tokenId): string
{
return $this->csrfTokenManager->getToken($tokenId)->getValue();
}
}
5 changes: 5 additions & 0 deletions 5 src/Symfony/Bundle/FrameworkBundle/Resources/config/security_csrf.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,10 @@
<argument type="service" id="request_stack" on-invalid="ignore" />
</service>
<service id="Symfony\Component\Security\Csrf\CsrfTokenManagerInterface" alias="security.csrf.token_manager" />

<service id="twig.extension.security_csrf" class="Symfony\Bridge\Twig\Extension\CsrfExtension">
<tag name="twig.extension" />
<argument type="service" id="security.csrf.token_manager" />
</service>
</services>
</container>
Morty Proxy This is a proxified and sanitized view of the page, visit original site.