I'm new to Tapestry5, but because of an internship I need to work with it.
Currently I am trying to build a mixin to integrate a CSRF token (explanation here) to any form. Is it even possible to achieve this in a mixin? If yes, could I access functions that the mixin offers from the page?
I am really not sure about how mixins really work and I'm having big difficulties on finding information about how to create one. Can somebody explain how to create a mixin and if what I'm trying to do is even possible?
Thanks a lot!
You might find that the HMAC message authentication introduced in tapestry 5.3.6 is good enough. Configuration here Jira here
If not, you will most likely write a Form mixin which adds a hidden input to a form and then checks for a RequestParameter in the form's
onValidate
event (a mixin can see it's component's events). If you want to implicitly add a mixin to every form, you can do this via a ComponentClassTransformWorker2 tutorial hereA bit of googling reveals this, this and this.