summaryrefslogtreecommitdiff
path: root/venv/lib/python3.11/site-packages/litestar/config/csrf.py
diff options
context:
space:
mode:
Diffstat (limited to 'venv/lib/python3.11/site-packages/litestar/config/csrf.py')
-rw-r--r--venv/lib/python3.11/site-packages/litestar/config/csrf.py42
1 files changed, 42 insertions, 0 deletions
diff --git a/venv/lib/python3.11/site-packages/litestar/config/csrf.py b/venv/lib/python3.11/site-packages/litestar/config/csrf.py
new file mode 100644
index 0000000..5094a5b
--- /dev/null
+++ b/venv/lib/python3.11/site-packages/litestar/config/csrf.py
@@ -0,0 +1,42 @@
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import TYPE_CHECKING, Literal
+
+__all__ = ("CSRFConfig",)
+
+
+if TYPE_CHECKING:
+ from litestar.types import Method
+
+
+@dataclass
+class CSRFConfig:
+ """Configuration for CSRF (Cross Site Request Forgery) protection.
+
+ To enable CSRF protection, pass an instance of this class to the :class:`Litestar <litestar.app.Litestar>` constructor using
+ the 'csrf_config' key.
+ """
+
+ secret: str
+ """A string that is used to create an HMAC to sign the CSRF token."""
+ cookie_name: str = field(default="csrftoken")
+ """The CSRF cookie name."""
+ cookie_path: str = field(default="/")
+ """The CSRF cookie path."""
+ header_name: str = field(default="x-csrftoken")
+ """The header that will be expected in each request."""
+ cookie_secure: bool = field(default=False)
+ """A boolean value indicating whether to set the ``Secure`` attribute on the cookie."""
+ cookie_httponly: bool = field(default=False)
+ """A boolean value indicating whether to set the ``HttpOnly`` attribute on the cookie."""
+ cookie_samesite: Literal["lax", "strict", "none"] = field(default="lax")
+ """The value to set in the ``SameSite`` attribute of the cookie."""
+ cookie_domain: str | None = field(default=None)
+ """Specifies which hosts can receive the cookie."""
+ safe_methods: set[Method] = field(default_factory=lambda: {"GET", "HEAD"})
+ """A set of "safe methods" that can set the cookie."""
+ exclude: str | list[str] | None = field(default=None)
+ """A pattern or list of patterns to skip in the CSRF middleware."""
+ exclude_from_csrf_key: str = "exclude_from_csrf"
+ """An identifier to use on routes to disable CSRF for a particular route."""
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-17 17:17:46 +0000