csrf implemented

2026-06-21 17:40:21 +02:00
parent 5b203ed248
commit 86888b3877
7 changed files with 359 additions and 0 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -51,6 +51,13 @@ passwords = "3.1.16"
 tower-sessions = "0.14"
 # TOTP (Google Authenticator) for optional two-factor auth
 totp-rs = { version = "5", features = ["qr", "gen_secret"] }
+# CSRF: HMAC-signed double-submit token + body inspection for the `_csrf` field
+hmac = { version = "0.12" }
+sha2 = { version = "0.10" }
+subtle = { version = "2.6" }
+form_urlencoded = { version = "1" }
+multer = { version = "3" }
+futures-util = { version = "0.3" }

 [[bin]]
 name = "kompress-eshop-cli"