From 7c9151e8ae04d549f870e2045fa4e726492b687f Mon Sep 17 00:00:00 2001 From: David Cook Date: Tue, 27 Feb 2024 06:05:24 +0000 Subject: [PATCH] Bug 35955: Cache CSRF token in template plugin This change uses the Koha::Cache::Memory::Lite cache to cache the CSRF token, so that it is only generated once, and is re-used by the Koha::Template::Plugin::Koha object throughout the entire template processing for the HTTP request. Signed-off-by: Jonathan Druart Signed-off-by: Jonathan Druart (cherry picked from commit 108c955eac02707ccaa35081fbece1054a5dcda3) Signed-off-by: Fridolin Somers (cherry picked from commit 222777ba98962b2fcd3433af78bd13bfd90c0620) Signed-off-by: Lucas Gass --- Koha/Template/Plugin/Koha.pm | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Koha/Template/Plugin/Koha.pm b/Koha/Template/Plugin/Koha.pm index ec5f975eb7..55671d2199 100644 --- a/Koha/Template/Plugin/Koha.pm +++ b/Koha/Template/Plugin/Koha.pm @@ -24,6 +24,7 @@ use base qw( Template::Plugin ); use C4::Context; use Koha::Token; use Koha; +use Koha::Cache::Memory::Lite; =head1 NAME @@ -107,8 +108,16 @@ Generate a new CSRF token. sub GenerateCSRF { my ($self) = @_; + + my $memory_cache = Koha::Cache::Memory::Lite->get_instance; + my $cache_key = "CSRF_TOKEN"; + my $cached = $memory_cache->get_from_cache($cache_key); + return $cached if $cached; + my $session_id = $self->{_CONTEXT}->stash->{sessionID}; - return Koha::Token->new->generate_csrf( { session_id => scalar $session_id } ); + my $csrf_token = Koha::Token->new->generate_csrf( { session_id => scalar $session_id } ); + $memory_cache->set_in_cache( $cache_key, $csrf_token ); + return $csrf_token; } 1; -- 2.39.5