Merge pull request #16 from veelenga/fix/crystal-0.24.1

Crystal 0.24.1
kemalcr · Jan 2, 2018 · b145727 · b145727
2 parents 4284d81 + a2deda0
commit b145727
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 9 deletions.
diff --git a/shard.yml b/shard.yml
@@ -4,17 +4,18 @@ version: 0.3.0
 dependencies:
   kemal-session:
     github: kemalcr/kemal-session
-    version: 0.8.0
+    #version: 0.8.0
+    branch: master
 
 development_dependencies:
   kemal:
     github: sdogruyol/kemal
-    version: 0.20.0
+    version: 0.22.0
 
 authors:
   - Serdar Dogruyol <[email protected]>
 
 
-crystal: 0.23.0
+crystal: 0.24.1
 
 license: MIT
diff --git a/src/kemal-csrf.cr b/src/kemal-csrf.cr
@@ -1,4 +1,4 @@
-require "secure_random"
+require "random/secure"
 require "kemal"
 require "kemal-session"
 
@@ -11,10 +11,9 @@ require "kemal-session"
 # where an attacker can re-submit a form.
 #
 class CSRF < Kemal::Handler
-
-  def initialize(@header = "X_CSRF_TOKEN", @allowed_methods = %w(GET HEAD OPTIONS TRACE), @parameter_name = "authenticity_token", @error : String | (HTTP::Server::Context->String) = "Forbidden", @allowed_routes = [] of String)
+  def initialize(@header = "X_CSRF_TOKEN", @allowed_methods = %w(GET HEAD OPTIONS TRACE), @parameter_name = "authenticity_token", @error : String | (HTTP::Server::Context -> String) = "Forbidden", @allowed_routes = [] of String)
     setup
-  end 
+  end
 
   def setup
     @allowed_routes.each do |path|
@@ -24,11 +23,11 @@ class CSRF < Kemal::Handler
       end
     end
   end
-  
+
   def call(context)
     return call_next(context) if exclude_match?(context)
     unless context.session.string?("csrf")
-      csrf_token = SecureRandom.hex(16)
+      csrf_token = Random::Secure.hex(16)
       context.session.string("csrf", csrf_token)
       context.response.cookies << HTTP::Cookie.new(
         name: @parameter_name,