Class CSRFController

java.lang.Object
edu.ucsb.cs156.rec.controllers.CSRFController

@Profile("development") @RestController public class CSRFController extends Object
The CSRF controller is used to get a CSRF token. This is only enabled in the development profile, and is used to test APIs with Postman or swagger.ui/ For more information on CSRF, do a web search on "Cross-Site Request Forgery".
  • Constructor Details

    • CSRFController

      public CSRFController()
  • Method Details

    • csrf

      @GetMapping("/csrf") public org.springframework.security.web.csrf.CsrfToken csrf(org.springframework.security.web.csrf.CsrfToken token)
      This method returns a CSRF token.
      Parameters:
      token - the CSRF token, injected by Spring automatically
      Returns:
      the CSRF token