diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2b77268..5675a0b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 
 ## 7.2.1 under development
 
-- no changes in this release.
+- Enh #135: Add `CsrfTokenMiddleware` support in `CsrfViewInjection` (@vjik)
 
 ## 7.2.0 October 02, 2024
 
diff --git a/src/CsrfViewInjection.php b/src/CsrfViewInjection.php
index 8b03a56..e5eca37 100644
--- a/src/CsrfViewInjection.php
+++ b/src/CsrfViewInjection.php
@@ -7,9 +7,12 @@
 use LogicException;
 use Yiisoft\Csrf\CsrfMiddleware;
 use Yiisoft\Csrf\CsrfTokenInterface;
+use Yiisoft\Csrf\CsrfTokenMiddleware;
 
 /**
  * `CsrfViewInjection` injects the necessary data into the view to protect against a CSRF attack.
+ *
+ * @psalm-suppress DeprecatedClass `CsrfMiddleware` in `$middleware` property will be removed in next major version.
  */
 final class CsrfViewInjection implements CommonParametersInjectionInterface, MetaTagsInjectionInterface
 {
@@ -20,8 +23,10 @@ final class CsrfViewInjection implements CommonParametersInjectionInterface, Met
     private string $metaAttributeName = self::DEFAULT_META_ATTRIBUTE_NAME;
     private string $parameterName = self::DEFAULT_PARAMETER_NAME;
 
-    public function __construct(private CsrfTokenInterface $token, private CsrfMiddleware $middleware)
-    {
+    public function __construct(
+        private readonly CsrfTokenInterface $token,
+        private readonly CsrfTokenMiddleware|CsrfMiddleware $middleware,
+    ) {
     }
 
     /**