b.santos/cloud-cap-samples
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support csrf tokens in Vue app (#394)

Browse Source
This commit is contained in:
Christian Georgi
2022-09-16 15:46:20 +02:00
committed by GitHub
parent b97253f266
commit aa5fda976a
1 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
bookshop/app/vue/app.js
View File

@@ -56,7 +56,7 @@ const books = Vue.createApp ({
} catch (err) { books.user = { id: err.message } }
},
}
}).mount("#app")
}).mount('#app')
books.getUserInfo()
books.fetch() // initially fill list of books
@@ -65,3 +65,25 @@ document.addEventListener('keydown', (event) => {
// hide user info on request
if (event.key === 'u') books.user = undefined
})
axios.interceptors.request.use(csrfToken)
function csrfToken (request) {
if (request.method === 'head' || request.method === 'get') return request
if ('csrfToken' in document) {
request.headers['x-csrf-token'] = document.csrfToken
return request
}
return fetchToken().then(token => {
document.csrfToken = token
request.headers['x-csrf-token'] = document.csrfToken
return request
}).catch(_ => {
document.csrfToken = null // set mark to not try again
return request
})
function fetchToken() {
return axios.get('/', { headers: { 'x-csrf-token': 'fetch' } })
.then(res => res.headers['x-csrf-token'])
}
}