Add working example

2025-10-30 23:06:20 -04:00 · 2020-10-17 04:08:58 +05:00 · 2020-10-17 04:08:58 +05:00 · 735cc43d99
commit 735cc43d99
parent 6b639e7434
6 changed files with 1328 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -26,10 +26,18 @@ Attach [fairing](https://rocket.rs/v0.4/guide/fairings/#fairings) to the Rocket
 instance:

 ```rust
+#![feature(decl_macro)]
+
+#[macro_use] extern crate rocket;
+#[macro_use] extern crate serde_derive;
+
+use rocket_contrib::templates::Template;
+
 fn main() {
    rocket::ignite()
        .attach(rocket_csrf::Fairing::new())
-        .mount("/", routes![index, create])
+        .attach(Template::fairing())
+        .mount("/", routes![new, create])
        .launch();
 }
 ```
@ -39,8 +47,12 @@ request where you want to have access to session's CSRF token (e.g. to include
 it in forms) or verify it (e.g. to validate form):

 ```rust
+use rocket::response::Redirect;
+use rocket::request::Form;
+use rocket_contrib::templates::Template;
+
 #[get("/comments/new")]
-fn index(csrf: rocket_csrf::Guard) -> Template {
+fn new(csrf: rocket_csrf::Guard) -> Template {
    // your code
 }

@ -56,7 +68,7 @@ to use it in [templates](https://rocket.rs/v0.4/guide/responses/#templates):

 ```rust
 #[get("/comments/new")]
-fn index(csrf: rocket_csrf::Guard) -> Template {
+fn new(csrf: rocket_csrf::Guard) -> Template {
    let csrf_token: String = csrf.0;

    // your code
@ -90,14 +102,16 @@ authenticity token:
 ```rust
 #[post("/comments", data = "<form>")]
 fn create(csrf: rocket_csrf::Guard, form: Form<Comment>) -> Redirect {
-    if Err(_) = csrf.verify(form.authenticity_token) {
-        return Redirect::to(uri!(index));
+    if let Err(_) = csrf.verify(&form.authenticity_token) {
+        return Redirect::to(uri!(new));
    }

    // your code
 }
 ```

+See the complete code in [minimal example](examples/minimal).
+


 TODO
--- a/examples/minimal/.gitignore
+++ b/examples/minimal/.gitignore
@ -0,0 +1 @@
+/target/
--- a/examples/minimal/Cargo.lock
+++ b/examples/minimal/Cargo.lock
--- a/examples/minimal/Cargo.toml
+++ b/examples/minimal/Cargo.toml
@ -0,0 +1,13 @@
+[package]
+name = "rocket_csrf_example_minimal"
+version = "0.0.0"
+authors = ["Alex Kotov <kotovalexarian@gmail.com>"]
+edition = "2018"
+publish = false
+
+[dependencies]
+rocket = "^0.4.5"
+rocket_csrf = { path = "../.." }
+rocket_contrib = { version = "^0.4.5", features = ["handlebars_templates"] }
+serde = "^1.0.117"
+serde_derive = "^1.0.117"
--- a/examples/minimal/src/main.rs
+++ b/examples/minimal/src/main.rs
@ -0,0 +1,45 @@
+#![feature(decl_macro)]
+
+#[macro_use] extern crate rocket;
+#[macro_use] extern crate serde_derive;
+
+use rocket::response::Redirect;
+use rocket::request::Form;
+use rocket_contrib::templates::Template;
+
+#[derive(Serialize)]
+struct TemplateContext {
+    csrf_token: String,
+}
+
+#[derive(FromForm)]
+struct Comment {
+    authenticity_token: String,
+    text: String,
+}
+
+fn main() {
+    rocket::ignite()
+        .attach(rocket_csrf::Fairing::new())
+        .attach(Template::fairing())
+        .mount("/", routes![new, create])
+        .launch();
+}
+
+#[get("/comments/new")]
+fn new(csrf: rocket_csrf::Guard) -> Template {
+    let template_context = TemplateContext {
+        csrf_token: csrf.0,
+    };
+
+    Template::render("comments/new", &template_context)
+}
+
+#[post("/comments", data = "<form>")]
+fn create(csrf: rocket_csrf::Guard, form: Form<Comment>) -> Redirect {
+    if let Err(_) = csrf.verify(&form.authenticity_token) {
+        return Redirect::to(uri!(new));
+    }
+
+    Redirect::to(uri!(new))
+}
--- a/examples/minimal/templates/comments/new.html.hbs
+++ b/examples/minimal/templates/comments/new.html.hbs
@ -0,0 +1,5 @@
+<form method="post" action="/comments">
+  <input type="hidden" name="authenticity_token" value="{{ csrf_token }}"/>
+  <input type="text" name="text"/>
+  <button type="submit">Submit</button>
+</form>