struct CSRFProtection { struct Key: StorageKey { typealias Value = CSRFProtection } struct Post: Decodable { var csrfToken: UUID? } let sessionKey = "csrfToken" struct Middleware: Vapor.Middleware { func respond(to request: Request, chainingTo next: Responder) -> EventLoopFuture<Response> { let eventLoop = request.eventLoop guard request.method == .POST else { return next.respond(to: request) } let verify = eventLoop.future { try request.verifyCSRFToken() } return verify.flatMap { () in next.respond(to: request) } } } var middleware: Middleware { Middleware() } }

7:58 AM

結構簡単ですよ。 respond (to:, chainingTo) メソッドを実装するだけなので。

7:58 AM

↑は自作のCSRF脆弱性対策くん