/// <summary>
/// Enforces the anti-CSRF header on every request whose method is not GET.
/// </summary>
/// <param name="actionContext">Context of the action about to execute; its request headers are read.</param>
/// <exception cref="ApplicationException">
/// Thrown when the <c>TOKEN_HEADER</c> header is absent or its first value is null, empty or whitespace.
/// </exception>
/// <remarks>
/// Only GET is exempt, so HEAD, OPTIONS and all other methods must carry the header as well.
/// The protection therefore depends on GET actions never changing server state.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // GET requests are let through without any token check.
    if (actionContext.Request.Method == HttpMethod.Get)
    {
        return;
    }

    // Only the first value of the header is considered; additional values are ignored.
    IEnumerable<string> headerValues;
    string token = actionContext.Request.Headers.TryGetValues(TOKEN_HEADER, out headerValues)
        ? headerValues.First()
        : null;

    if (string.IsNullOrWhiteSpace(token))
    {
        // NOTE(review): unless an exception filter maps ApplicationException to a 4xx response,
        // this presumably surfaces to the client as a server error - confirm.
        throw new ApplicationException($"The CSRF token is missing. Please add the {TOKEN_HEADER} header with a valid token.");
    }

    // Nothing returned by ValidateToken is inspected here, so an invalid token is rejected
    // only if ValidateToken itself throws.
    // NOTE(review): confirm it throws on failure and compares tokens in constant time.
    var validator = new AntiCSRFService();
    validator.ValidateToken(token);
}
/// <summary>
/// Returns the value produced by <c>GetToken()</c> on a newly created <c>AntiCSRFService</c>.
/// </summary>
/// <returns>The token string returned by the service.</returns>
/// <remarks>
/// NOTE(review): how the token is generated and whether it is bound to the caller's session
/// is decided inside AntiCSRFService and is not visible here - confirm it uses a
/// cryptographically secure random source.
/// </remarks>
private static string GetCsrfToken() => new AntiCSRFService().GetToken();