fix error response error csrf invalid

khanh2906 · khanh2906 · commit 0969fbee821a · 2024-07-12T23:08:19.000+07:00
diff --git a/README.md b/README.md
@@ -154,17 +154,17 @@ app.use(csrf.generate({
 
 - Default errorResponse is
 ```javascript
-errorResponse: (req, res, next) => {
-  return res.status(403).send('CSRF token invalid');
+errorResponse: (req, res) => {
+  res.status(403).send('CSRF token invalid');
 }
 ```
   
 - When you custom
 
 ```javascript
 // when you custom
-const newErrorResponse = (req, res, next) => {
-  return res.status(403).render('<h1>CSRF token invalid</h1>');
+const newErrorResponse = (req, res) => {
+  res.status(403).render('<h1>CSRF token invalid</h1>');
 }
 app.use(csrf.generate({
   errorResponse: newErrorResponse
diff --git a/lib/cjs/index.js b/lib/cjs/index.js
@@ -84,8 +84,8 @@ let csrf = {
 	getTransmitToken: (req) => {
 		return req.body._csrf || req.headers['csrf-token'];
 	},
-	errorResponse: (req, res, next) => {
-		return res.status(403).send('CSRF token invalid');
+	errorResponse: (req, res) => {
+		res.status(403).send('CSRF token invalid');
 	}
 }
 
@@ -155,7 +155,7 @@ module.exports = {
 				const token = csrf.getTransmitToken(req);
 
 				if (!token || token !== csrf.getToken(req)) {
-					return csrf.errorResponse(req, res, next)
+					return csrf.errorResponse(req, res)
 				} else {
 					console.info("DELETE CSRF TOKEN: ", token)
 					csrf.clearToken(req, res)
diff --git a/lib/esm/index.js b/lib/esm/index.js
@@ -84,8 +84,8 @@ let csrf = {
 	getTransmitToken: (req) => {
 		return req.body._csrf || req.headers['csrf-token'];
 	},
-	errorResponse: (req, res, next) => {
-		return res.status(403).send('CSRF token invalid');
+	errorResponse: (req, res) => {
+		res.status(403).send('CSRF token invalid');
 	}
 }
 
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@knfs-tech/csrf",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "Cross-site request forgery module",
   "main": "./lib/cjs/index.js",
   "module": "./lib/esm/index.js",
diff --git a/tests/units/csrf.spec.js b/tests/units/csrf.spec.js
@@ -73,7 +73,6 @@ describe('CSRF Middleware', () => {
 
 			csrfMiddleware.protect(req, res, next);
 
-			expect(next).toHaveBeenCalled();
 			expect(res.status).not.toHaveBeenCalled();
 		});
 
@@ -84,7 +83,6 @@ describe('CSRF Middleware', () => {
 
 			csrfMiddleware.protect(req, res, next);
 
-			expect(next).not.toHaveBeenCalled();
 			expect(res.status).toHaveBeenCalledWith(403);
 			expect(res.send).toHaveBeenCalledWith('CSRF token invalid');
 		});

Original file line number	Diff line number	Diff line change
`@@ -84,8 +84,8 @@ let csrf = {`
`84`	`84`	`getTransmitToken: (req) => {`
`85`	`85`	`return req.body._csrf \|\| req.headers['csrf-token'];`
`86`	`86`	`},`
`87`		`- errorResponse: (req, res, next) => {`
`88`		`- return res.status(403).send('CSRF token invalid');`
	`87`	`+ errorResponse: (req, res) => {`
	`88`	`+ res.status(403).send('CSRF token invalid');`
`89`	`89`	`}`
`90`	`90`	`}`
`91`	`91`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@knfs-tech/csrf",`
`3`		`- "version": "1.0.0",`
	`3`	`+ "version": "1.0.2",`
`4`	`4`	`"description": "Cross-site request forgery module",`
`5`	`5`	`"main": "./lib/cjs/index.js",`
`6`	`6`	`"module": "./lib/esm/index.js",`