import type { NextFunction, Request, Response } from 'express'; export interface CSRFConfig { enabled?: boolean; tokenLength?: number; cookieName?: string; headerName?: string; sessionKey?: string; sameSite?: 'strict' | 'lax' | 'none'; secure?: boolean; httpOnly?: boolean; excludePaths?: string[]; excludeMethods?: string[]; } export interface CSRFToken { token: string; createdAt: Date; expiresAt: Date; } export declare class CSRFProtection { private config; private logger?; private tokens; constructor(config?: CSRFConfig, logger?: Logger); expressMiddleware(): (req: Request, res: Response, next: NextFunction) => void | Response>; fastifyPluginAsync(fastify: import('fastify').FastifyInstance): Promise; generateToken(): CSRFToken; private setToken; private setTokenFastify; private validateToken; private validateTokenFastify; private isExcludedPath; private cleanExpiredTokens; getToken(req: Request): string | null; } //# sourceMappingURL=csrf-protection.d.ts.map