Hey all. I am trying to implement csrf in my ember/express app. In my express app I have the following: app.use(express.csrf());
app.use(function(req, res, next) {
res.locals._csrf = req.session._csrf;
return next();
});
in ember I have the following:
<div class="search-input-container">
<input type="hidden" name="_csrf" value="{{locals._csrf}}" data="{{log '----csrfToken is----' locals._csrf}}">
{{input action="submit" type="text" value=searchInput autofocus="autofocus" placeholder="Search for stuff..."}}
</div>
the log shows locals._csrf as undefined. I am using express 3.x and ember 1.x. — Any ideas or thoughts?