PHPackages                             grafikart/psr15-csrf-middleware - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. grafikart/psr15-csrf-middleware

ActiveLibrary[Security](/categories/security)

grafikart/psr15-csrf-middleware
===============================

A PSR-15 compatible middleware to prevent CSRF

1.0.2(7y ago)51.1k91MITPHPPHP &gt;=7.1.0

Since Aug 23Pushed 7y ago2 watchersCompare

[ Source](https://github.com/Grafikart/PSR15-CsrfMiddleware)[ Packagist](https://packagist.org/packages/grafikart/psr15-csrf-middleware)[ RSS](/packages/grafikart-psr15-csrf-middleware/feed)WikiDiscussions master Synced 2w ago

READMEChangelogDependencies (5)Versions (4)Used By (1)

PSR-15 Middleware
=================

[](#psr-15-middleware)

[![Build Status](https://camo.githubusercontent.com/e32299082b6958b643ec51c62e3527d858590e66ae67f95a653c35ac4186413b/68747470733a2f2f7472617669732d63692e6f72672f47726166696b6172742f50535231352d437372664d6964646c65776172652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/Grafikart/PSR15-CsrfMiddleware) [![Coverage Status](https://camo.githubusercontent.com/58c71a8151577d87a300fb04291b5d0d764f36bb5d66bfec6fe0acb935d9cc41/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f47726166696b6172742f50535231352d437372664d6964646c65776172652f62616467652e7376673f6272616e63683d6d6173746572)](https://coveralls.io/github/Grafikart/PSR15-CsrfMiddleware?branch=master)

This middleware checks every POST, PATCH, PUT and DELETE requests for a CSRF token. Tokens are persisted using an ArrayAccess compatible Session and are generated on demand.

Installation
------------

[](#installation)

```
composer require grafikart/psr15-csrf-middleware
```

How to use it
-------------

[](#how-to-use-it)

```
$middleware = new CsrfMiddleware($_SESSION, 200);
$app->pipe($middleware);

// Generate input
$input = "
```

Middleware is constructed with these parameters:

- session, **ArrayAccess|array**, used to store tokens
- limit, **int**, limits the amount of tokens the session is allowed to persist
- sessionKey, **string**
- formKey, **string**

###  Health Score

33

—

LowBetter than 72% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community18

Small or concentrated contributor base

Maturity60

Established project with proven stability

 Bus Factor1

Top contributor holds 66.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~223 days

Total

3

Last Release

2787d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/395137?v=4)[Jonathan](/maintainers/Grafikart)[@Grafikart](https://github.com/Grafikart)

---

Top Contributors

[![Grafikart](https://avatars.githubusercontent.com/u/395137?v=4)](https://github.com/Grafikart "Grafikart (6 commits)")[![beMang](https://avatars.githubusercontent.com/u/34446268?v=4)](https://github.com/beMang "beMang (1 commits)")[![betaWeb](https://avatars.githubusercontent.com/u/13481208?v=4)](https://github.com/betaWeb "betaWeb (1 commits)")[![Girgias](https://avatars.githubusercontent.com/u/7906688?v=4)](https://github.com/Girgias "Girgias (1 commits)")

###  Code Quality

TestsPHPUnit

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/grafikart-psr15-csrf-middleware/health.svg)

```
[![Health](https://phpackages.com/badges/grafikart-psr15-csrf-middleware/health.svg)](https://phpackages.com/packages/grafikart-psr15-csrf-middleware)
```

###  Alternatives

[cakephp/cakephp

The CakePHP framework

8.8k19.1M1.7k](/packages/cakephp-cakephp)[selective/samesite-cookie

Secure your site with SameSite cookies

10145.3k](/packages/selective-samesite-cookie)[flowd/phirewall

A PHP Firewall and rate limiter based on PSR-7 and PSR-15 middleware (safelists, blocklists, throttles, fail2ban)

172.9k2](/packages/flowd-phirewall)[eliashaeussler/typo3-solver

Solver - Extends TYPO3's exception handling with AI generated solutions. Problems can also be solved from command line. Several OpenAI parameters are configurable and prompts and solution providers can be customized as desired.

302.1k](/packages/eliashaeussler-typo3-solver)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
