yet-another-express-csrf
const crypto = require('crypto');
const connect = require('connect');
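// Issue a fresh CSRF token and bind it to the caller's session.
//
// The token is 16 bytes from the OS CSPRNG, hex encoded (32 characters). A
// hash of `Date.now()` plus the session's last access time is not suitable
// here: both inputs are guessable, so the token could be reproduced by
// anyone who can approximate when the page was served.
//
// request:  the incoming request; `request.session` must be present for a
//           token to be issued.
// response: unused, kept for middleware-style call sites.
// Returns the new token string, or null when there is no session to store it in.
exports.token = function(request, response){
  if(!request.session){
    return null;
  }
  var csrf = crypto.randomBytes(16).toString('hex');
  // The session copy is what `check` later compares against.
  request.session['csrf'] = csrf;
  return csrf;
};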
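// Build a connect server that rejects state-changing requests whose body does
// not carry the CSRF token stored in the session (see `exports.token`).
//
// options: accepted for API compatibility; nothing in it is read.
// Returns the connect server wrapping `csrfCheck`.
exports.check = function(options){
  return connect.createServer(csrfCheck);
};

// Methods that are not expected to change state and therefore carry no token.
// Everything else (POST, PUT, PATCH, DELETE, ...) must present one.
var SAFE_METHODS = { GET: true, HEAD: true, OPTIONS: true };

// Compare two tokens in constant time. Anything that is not a pair of
// equal-length strings is a mismatch; a missing token never "matches".
function tokensMatch(expected, actual){
  if(typeof expected !== 'string' || typeof actual !== 'string'){
    return false;
  }
  var a = Buffer.from(expected);
  var b = Buffer.from(actual);
  if(a.length !== b.length){
    return false;
  }
  return crypto.timingSafeEqual(a, b);
}

// The middleware itself, kept as a plain function so it can be exercised
// without a connect server.
//
// A request fails the check when any of these hold: there is no session, the
// session has no token, the body is absent, the body has no own `csrf`
// property, or the body token differs from the session token. Previously a
// body that simply omitted `csrf` was waved through, which let any cross-site
// form bypass the check by not sending the field.
function csrfCheck(request, response, next){
  var method = String(request.method || '').toUpperCase();
  if(SAFE_METHODS[method] === true){
    return next();
  }
  var sessionCSRF = request.session ? request.session['csrf'] : undefined;
  var body = request.body;
  // hasOwnProperty rather than `in`, so an inherited `csrf` (e.g. via a
  // polluted prototype) is not treated as a submitted token.
  var requestCSRF = (body && Object.prototype.hasOwnProperty.call(body, 'csrf'))
    ? body['csrf']
    : undefined;
  if(tokensMatch(sessionCSRF, requestCSRF)){
    return next();
  }
  return next(new Error('Cross-site request forgery attempt discovered'));
}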