Dynamic Forms in staticly cached pages for Statamic

Want static full/half measure caching in statamic? But still want to have forms in those static pages? Just use this addon and all your problems will be gone!

Installing

Copy the DynamicToken into your site/addons folder.

Configuration

• disable CSRF verification by adding /!/DynamicToken to the csrf_exclude array in site/settings/system.yaml. Don't worry we check that the referrer is comming from your APP_URL, but this still carries its own risks.
• add a {{ dynamic_token }} to your layout file just before </body> tag.
• add an APP_URL=<your_site_url> to your .env file. e.g.:APP_URL=site.com local development: APP_URL=localhost

How does this work?

First off, if javascript is disabled this won't work. We will add this functionality later. On page load it will get a fresh csrf token and update all your forms with it. It will automatically update the token every 15 minutes.

There are two parts:

1st:

The {{ dynamic_token }} inserts a bit of javascript into your static html file, which allows it to pull a new csrf token and update all <form> tags which have an <input name="_token">, this applies to all {{ form:create }} tags, or any form if you add <input name="_token"> to your normal forms.

2st:

A simple controller, which checks the refferer and if the refferer matches your APP_URL it returns a fresh csrf token.

Upcoming

• Server only handling of forms, without the {{ dynamic_token }} tag

Contact

You can use the support email or just ping @mykolas in the statamic discord server.