session
astro-utils form use session to save CSRF validation secrets.
This session is based on json web token, and is save (encrypted) in the browser cookie.
Using
Use can get the session with the activation of web forms
---import { BindForm, BButton } from "@astro-utils/forms/forms.js";const { session } = Astro.locals;
function increase() { session.counter ??= 0; session.counter++;}---<BindForm> <p>Current counter: {session.counter}</p> <BButton onClick={increase}>++</BButton></BindForm>
Configuration
All the configuration is in the middleware creation.
src/middleware.ts
import astroFormsMiddleware from '@astro-utils/forms';import {sequence} from 'astro/middleware';
export const onRequest = sequence( astroFormsMiddleware({ secret: 'my-secret', session: { cookieName: 'session', cookieOptions: { httpOnly: true, sameSite: true, maxAge: 1000 * 60 * 60 * 24 * 7, }, }, }));