From 80f7e6bdd99074bf98ce4c00a25d2ffc949d71f7 Mon Sep 17 00:00:00 2001
From: Ali Tas
Date: Tue, 16 Apr 2024 16:55:41 -0400
Subject: [PATCH] =?UTF-8?q?=F0=9F=A4=96=20Merge=20PR=20#69372=20Fix=20type?=
 =?UTF-8?q?s=20of=20csrf=20impl=20by=20@alitas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 types/lusca/index.d.ts | 10 +++++++++-
 types/lusca/lusca-tests.ts | 14 ++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/types/lusca/index.d.ts b/types/lusca/index.d.ts
index 2ba719721bb01c..15e493344c3fbe 100644
--- a/types/lusca/index.d.ts
+++ b/types/lusca/index.d.ts
@@ -33,6 +33,8 @@ declare namespace lusca {
 
 type csrfOptions = csrfOptionsBase & csrfOptionsAngularOrNonAngular & csrfOptionsBlocklistOrAllowlist;
 
+ type csrfValidateFunction = (req: express.Request, token: unknown) => boolean;
+
 interface csrfOptionsBase {
 /**
 * The name of the CSRF token in the model.
@@ -46,7 +48,13 @@ declare namespace lusca {
 /**
 * An object with create/validate methods for custom tokens
 */
- impl?: (() => any) | undefined;
+ impl?: {
+ create?: (
+ req: express.Request,
+ secretKey: string,
+ ) => { secret: string; token: string; validate: csrfValidateFunction };
+ validate?: csrfValidateFunction;
+ } | undefined;
 /**
 * The name of the response header containing the CSRF token
 * @default 'x-csrf-token'
diff --git a/types/lusca/lusca-tests.ts b/types/lusca/lusca-tests.ts
index e4d4e30f3bec61..4139f09de6c420 100644
--- a/types/lusca/lusca-tests.ts
+++ b/types/lusca/lusca-tests.ts
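Review bot: In the second hunk of index.d.ts, `create?` is marked optional, yet its return value (`secret`, `token`, `validate`) is the only place in the new `impl` shape where a token and secret are produced, so an `impl` object without `create` would presumably leave the middleware with nothing to mint or check; if lusca calls `impl.create` unconditionally whenever `impl` is set, the member should be required, i.e. `create: (req: express.Request, secretKey: string) => { ... }` — confirm against the runtime before changing it. The new `csrfValidateFunction` alias in the first hunk carries no doc comment although it is the contract a custom implementation must honour; assuming, as the name suggests, `token` is the value read from the incoming request, I would add `/** Returns true when token is a valid CSRF token for req. token is typed unknown because it is client-supplied input: the implementation must check its type and value rather than trust it. */` above the alias. The `impl` doc comment kept as context in the second hunk still says only "create/validate methods"; it would help callers to note there that `validate` may be supplied either on `impl` or in the object returned by `create`, if that is how the runtime resolves it.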
@@ -17,6 +17,20 @@ app.use(lusca({
 app.use(lusca.csrf());
 app.use(lusca.csrf({ cookie: { name: "csrf" }, header: "x-csrf-token" }));
 app.use(lusca.csrf({ cookie: "csrf", angular: true }));
+app.use(
+ lusca.csrf({
+ cookie: "csrf",
+ impl: {
+ create: (req, secretKey) => ({
+ token: "token",
+ secret: "secret",
+ validate(req, token) {
+ return true;
+ },
+ }),
+ },
+ }),
+);
 app.use(lusca.csrf({ blocklist: ["/blocklist"] }));
 app.use(lusca.csrf({ allowlist: ["/allowlist"] }));
 app.use(lusca.csp({ policy: [{ "img-src": "'self' http:" }, "block-all-mixed-content"], reportOnly: false }));
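Review bot: The added test case exercises only `impl.create`; the top-level `impl.validate` member introduced in index.d.ts is never type-checked here, and the inner `validate(req, token)` ignores both parameters, so a regression that widened `token` from `unknown` to `any` or dropped the `express.Request` contextual type on `req` would go unnoticed. Add a second case whose callback actually narrows and uses its parameters, e.g. `app.use(lusca.csrf({ cookie: "csrf", impl: { validate: (req, token) => typeof token === "string" && req.path.length > 0 } }));`. For the same reason `create: (req, secretKey) => ...` would be a stronger check if the body referenced `secretKey` (for instance `secret: secretKey`) instead of a literal.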