{
  "_args": [
    [
      {
        "raw": "csrf@~3.0.0",
        "scope": null,
        "escapedName": "csrf",
        "name": "csrf",
        "rawSpec": "~3.0.0",
        "spec": ">=3.0.0 <3.1.0",
        "type": "range"
      },
      "/home/jdaugherty/work/GT2/GT2-Android/node_modules/csurf"
    ]
  ],
  "_from": "csrf@>=3.0.0 <3.1.0",
  "_id": "csrf@3.0.6",
  "_inCache": true,
  "_location": "/csrf",
  "_nodeVersion": "4.7.3",
  "_npmOperationalInternal": {
    "host": "packages-18-east.internal.npmjs.com",
    "tmp": "tmp/csrf-3.0.6.tgz_1489549463230_0.9222420507576317"
  },
  "_npmUser": {
    "name": "dougwilson",
    "email": "doug@somethingdoug.com"
  },
  "_npmVersion": "2.15.11",
  "_phantomChildren": {},
  "_requested": {
    "raw": "csrf@~3.0.0",
    "scope": null,
    "escapedName": "csrf",
    "name": "csrf",
    "rawSpec": "~3.0.0",
    "spec": ">=3.0.0 <3.1.0",
    "type": "range"
  },
  "_requiredBy": [
    "/csurf"
  ],
  "_resolved": "https://registry.npmjs.org/csrf/-/csrf-3.0.6.tgz",
  "_shasum": "b61120ddceeafc91e76ed5313bb5c0b2667b710a",
  "_shrinkwrap": null,
  "_spec": "csrf@~3.0.0",
  "_where": "/home/jdaugherty/work/GT2/GT2-Android/node_modules/csurf",
  "author": {
    "name": "Jonathan Ong",
    "email": "me@jongleberry.com",
    "url": "http://jongleberry.com"
  },
  "bugs": {
    "url": "https://github.com/pillarjs/csrf/issues"
  },
  "contributors": [
    {
      "name": "Douglas Christopher Wilson",
      "email": "doug@somethingdoug.com"
    }
  ],
  "dependencies": {
    "rndm": "1.2.0",
    "tsscmp": "1.0.5",
    "uid-safe": "2.1.4"
  },
  "description": "primary logic behind csrf tokens",
  "devDependencies": {
    "bluebird": "3.5.0",
    "eslint": "3.17.1",
    "eslint-config-standard": "7.0.1",
    "eslint-plugin-markdown": "1.0.0-beta.4",
    "eslint-plugin-promise": "3.5.0",
    "eslint-plugin-standard": "2.1.1",
    "istanbul": "0.4.5",
    "mocha": "2.5.3"
  },
  "directories": {},
  "dist": {
    "shasum": "b61120ddceeafc91e76ed5313bb5c0b2667b710a",
    "tarball": "https://registry.npmjs.org/csrf/-/csrf-3.0.6.tgz"
  },
  "engines": {
    "node": ">= 0.8"
  },
  "files": [
    "LICENSE",
    "HISTORY.md",
    "README.md",
    "index.js"
  ],
  "gitHead": "018ec746e8ce5dea10dda78a2480a0a9e756f1a8",
  "homepage": "https://github.com/pillarjs/csrf#readme",
  "keywords": [
    "csrf",
    "tokens"
  ],
  "license": "MIT",
  "maintainers": [
    {
      "name": "dougwilson",
      "email": "doug@somethingdoug.com"
    },
    {
      "name": "dwolla",
      "email": "api@dwolla.com"
    },
    {
      "name": "jongleberry",
      "email": "jonathanrichardong@gmail.com"
    }
  ],
  "name": "csrf",
  "optionalDependencies": {},
  "readme": "# CSRF\n\n[![NPM Version][npm-image]][npm-url]\n[![NPM Downloads][downloads-image]][downloads-url]\n[![Node.js Version][node-image]][node-url]\n[![Build Status][travis-image]][travis-url]\n[![Test Coverage][coveralls-image]][coveralls-url]\n\nLogic behind CSRF token creation and verification.\n\nRead [Understanding-CSRF](https://github.com/pillarjs/understanding-csrf)\nfor more information on CSRF. Use this module to create custom CSRF middleware.\n\nLooking for a CSRF framework for your favorite framework that uses this\nmodule?\n\n  * Express/connect: [csurf](https://www.npmjs.com/package/csurf) or\n    [alt-xsrf](https://www.npmjs.com/package/alt-xsrf)\n  * Koa: [koa-csrf](https://www.npmjs.com/package/koa-csrf) or\n    [koa-atomic-session](https://www.npmjs.com/package/koa-atomic-session)\n\n### Install\n\n```sh\n$ npm install csrf\n```\n\n## API\n\n<!-- eslint-disable no-unused-vars -->\n\n```js\nvar Tokens = require('csrf')\n```\n\n### new Tokens([options])\n\nCreate a new token generation/verification instance. The `options` argument is\noptional and will just use all defaults if missing.\n\n#### Options\n\nTokens accepts these properties in the options object.\n\n##### saltLength\n\nThe length of the internal salt to use, in characters. Internally, the salt\nis a base 62 string. Defaults to `8` characters.\n\n##### secretLength\n\nThe length of the secret to generate, in bytes. Note that the secret is\npassed around base-64 encoded and that this length refers to the underlying\nbytes, not the length of the base-64 string. Defaults to `18` bytes.\n\n#### tokens.create(secret)\n\nCreate a new CSRF token attached to the given `secret`. The `secret` is a\nstring, typically generated from the `tokens.secret()` or `tokens.secretSync()`\nmethods. This token is what you should add into HTML `<form>` blocks and\nexpect the user's browser to provide back.\n\n<!-- eslint-disable no-undef, no-unused-vars -->\n\n```js\nvar secret = tokens.secretSync()\nvar token = tokens.create(secret)\n```\n\n#### tokens.secret(callback)\n\nAsynchronously create a new `secret`, which is a string. The secret is to\nbe kept on the server, typically stored in a server-side session for the\nuser. The secret should be at least per user.\n\n<!-- eslint-disable no-undef -->\n\n```js\ntokens.secret(function (err, secret) {\n  if (err) throw err\n  // do something with the secret\n})\n```\n\n#### tokens.secret()\n\nAsynchronously create a new `secret` and return a `Promise`. Please see\n`tokens.secret(callback)` documentation for full details.\n\n**Note**: To use promises in Node.js _prior to 0.12_, promises must be\n\"polyfilled\" using `global.Promise = require('bluebird')`.\n\n<!-- eslint-disable no-undef -->\n\n```js\ntokens.secret().then(function (secret) {\n  // do something with the secret\n})\n```\n\n#### tokens.secretSync()\n\nA synchronous version of `tokens.secret(callback)`. Please see\n`tokens.secret(callback)` documentation for full details.\n\n<!-- eslint-disable no-undef, no-unused-vars -->\n\n```js\nvar secret = tokens.secretSync()\n```\n\n#### tokens.verify(secret, token)\n\nCheck whether a CSRF token is valid for the given `secret`, returning\na Boolean.\n\n<!-- eslint-disable no-undef -->\n\n```js\nif (!tokens.verify(secret, token)) {\n  throw new Error('invalid token!')\n}\n```\n\n## License\n\n[MIT](LICENSE)\n\n[npm-image]: https://img.shields.io/npm/v/csrf.svg\n[npm-url]: https://npmjs.org/package/csrf\n[node-image]: https://img.shields.io/node/v/csrf.svg\n[node-url]: https://nodejs.org/en/download/\n[travis-image]: https://img.shields.io/travis/pillarjs/csrf/master.svg\n[travis-url]: https://travis-ci.org/pillarjs/csrf\n[coveralls-image]: https://img.shields.io/coveralls/pillarjs/csrf/master.svg\n[coveralls-url]: https://coveralls.io/r/pillarjs/csrf?branch=master\n[downloads-image]: https://img.shields.io/npm/dm/csrf.svg\n[downloads-url]: https://npmjs.org/package/csrf\n",
  "readmeFilename": "README.md",
  "repository": {
    "type": "git",
    "url": "git+https://github.com/pillarjs/csrf.git"
  },
  "scripts": {
    "lint": "eslint --plugin markdown --ext js,md .",
    "test": "mocha --trace-deprecation --reporter spec --bail --check-leaks test/",
    "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --trace-deprecation --reporter dot --check-leaks test/",
    "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --trace-deprecation --reporter spec --check-leaks test/"
  },
  "version": "3.0.6"
}