How to use csrf in ember app


#1

Hey all. I am trying to implement csrf in my ember/express app. In my express app I have the following: app.use(express.csrf());

app.use(function(req, res, next) {
  res.locals._csrf = req.session._csrf;
  return next();
});

in ember I have the following:

<div class="search-input-container">
  <input type="hidden" name="_csrf" value="{{locals._csrf}}" data="{{log '----csrfToken is----' locals._csrf}}">
    {{input action="submit" type="text" value=searchInput autofocus="autofocus" placeholder="Search for stuff..."}}
  </div>

the log shows locals._csrf as undefined. I am using express 3.x and ember 1.x. — Any ideas or thoughts?