Add an example of usage including a form
alvarotrigo opened this issue · comments
Álvaro commented
I believe it's not very clear what's the way of using it.
Adding an example with a form will help for it. In the current documentation only the server side is shown.
I found this example in stackoverflow which shows how to use it in the views as well:
app.use(require('body-parser')());
app.use(require('cookie-parser')('YOUR SECRET GOES HERE'));
app.use(require('express-session')());
app.use(require('csurf')());
app.get('/some-form', function(req, res){
res.send('<form action="/process" method="POST">' +
'<input type="hidden" name="_csrf" value="' + req.csrfToken() + '">' +
'Favorite color: <input type="text" name="favoriteColor">' +
'<button type="submit">Submit</button>' +
'</form>');
});
app.post('/process', function(req, res){
res.send('<p>Your favorite color is "' + req.body.favoriteColor + '".');
});
The use of csrfToken()
is not explained in the docs.
Douglas Wilson commented
Duplicate of issue #7
Would you mind putting together a PR? Please make the HTML separate so it's readable instead of a string in JavaScript. You could make the layout similar to https://github.com/expressjs/method-override#examples