utils csrf.js

0% Statements 0/51

0% Branches 0/1

0% Functions 0/1

0% Lines 0/51

Press n or j to go to the next uncovered block, b, p or k for the previous block.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
  /**
 * CSRF token management utilities
 */
 
import { getApiBaseUrl } from '../config/api';
 
let csrfToken = null;
 
/**
 * Fetch CSRF token from the backend
 */
export async function fetchCSRFToken() {
  try {
    const response = await fetch(`${getApiBaseUrl()}/api/csrf-token`, {
      credentials: 'include',
      headers: {
        Accept: 'application/json',
      },
    });
 
    if (!response.ok) {
      throw new Error('Failed to fetch CSRF token');
    }
 
    const data = await response.json();
    csrfToken = data.csrf_token;
    return csrfToken;
  } catch (error) {
    console.error('Error fetching CSRF token:', error);
    throw error;
  }
}
 
/**
 * Get current CSRF token, fetching if necessary
 */
export async function getCSRFToken() {
  if (!csrfToken) {
    await fetchCSRFToken();
  }
  return csrfToken;
}
 
/**
 * Add CSRF token to headers
 */
export async function addCSRFHeader(headers = {}) {
  const token = await getCSRFToken();
  return {
    ...headers,
    'X-CSRF-Token': token,
  };
}
 
/**
 * Clear stored CSRF token (call on logout)
 */
export function clearCSRFToken() {
  csrfToken = null;
}