Prevent CSRF Attacks in NodeJS Application

To prevent CSRF attacks we can use, csurf node protection middleware. First, you need to install it as a npm package using following command.

Then you need to enable csurf in your node application.

In a http form, you can add CSRF token as a hidden field.

Now you need to pass CSRF token from your node controller.

Run your application and you will see the CSRF token for above form.

Download Source Code from GitHub.