mirror of
https://github.com/wassname/talk.git
synced 2026-07-02 11:55:34 +08:00
Removing CSRF
@@ -2,8 +2,6 @@ export const CHECK_LOGIN_REQUEST = 'CHECK_LOGIN_REQUEST';
|
||||
export const CHECK_LOGIN_SUCCESS = 'CHECK_LOGIN_SUCCESS';
|
||||
export const CHECK_LOGIN_FAILURE = 'CHECK_LOGIN_FAILURE';
|
||||
|
||||
export const CHECK_CSRF_TOKEN = 'CHECK_CSRF_TOKEN';
|
||||
|
||||
export const LOGOUT_REQUEST = 'LOGOUT_REQUEST';
|
||||
export const LOGOUT_SUCCESS = 'LOGOUT_SUCCESS';
|
||||
export const LOGOUT_FAILURE = 'LOGOUT_FAILURE';
|
||||
|
||||
@@ -44,8 +44,6 @@ export const CHECK_LOGIN_REQUEST = 'CHECK_LOGIN_REQUEST';
|
||||
export const CHECK_LOGIN_SUCCESS = 'CHECK_LOGIN_SUCCESS';
|
||||
export const CHECK_LOGIN_FAILURE = 'CHECK_LOGIN_FAILURE';
|
||||
|
||||
export const CHECK_CSRF_TOKEN = 'CHECK_CSRF_TOKEN';
|
||||
|
||||
export const VERIFY_EMAIL_REQUEST = 'VERIFY_EMAIL_REQUEST';
|
||||
export const VERIFY_EMAIL_SUCCESS = 'VERIFY_EMAIL_SUCCESS';
|
||||
export const VERIFY_EMAIL_FAILURE = 'VERIFY_EMAIL_FAILURE';
|
||||
|
||||
@@ -2,8 +2,6 @@ export const base = '/api/v1';
|
||||
|
||||
const buildOptions = (inputOptions = {}) => {
|
||||
|
||||
const csurfDOM = document.head.querySelector('[property=csrf]');
|
||||
|
||||
const defaultOptions = {
|
||||
method: 'GET',
|
||||
headers: {
|
||||
@@ -11,22 +9,11 @@ const buildOptions = (inputOptions = {}) => {
|
||||
'Accept': 'application/json'
|
||||
},
|
||||
credentials: 'same-origin',
|
||||
_csrf: csurfDOM ? csurfDOM.content : false
|
||||
};
|
||||
|
||||
let options = Object.assign({}, defaultOptions, inputOptions);
|
||||
options.headers = Object.assign({}, defaultOptions.headers, inputOptions.headers);
|
||||
|
||||
if (options._csrf) {
|
||||
switch (options.method.toLowerCase()) {
|
||||
case 'post':
|
||||
case 'put':
|
||||
case 'delete':
|
||||
options.headers['x-csrf-token'] = options._csrf;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (options.method.toLowerCase() !== 'get') {
|
||||
options.body = JSON.stringify(options.body);
|
||||
}
|
||||
|
||||
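Review bot: After this removal, `buildOptions` still sends cookies on POST/PUT/DELETE requests (`credentials: 'same-origin'` is kept) but no longer attaches `x-csrf-token`, and nothing visible in the commit replaces that check. If the session is still cookie-based, the server needs an equivalent control on state-changing routes, such as SameSite cookies together with an Origin check, or rejecting bodies that are not `application/json`; that cannot be confirmed from these hunks. If authentication has instead moved to a token sent in a header, record that where the option is set, e.g. `// No CSRF token: auth travels in a header, not a cookie (see <server-side change>)` above `credentials: 'same-origin'`. The body of `buildOptions` continues past the end of the second hunk.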
@@ -64,9 +64,6 @@ export default function auth (state = initialState, action) {
|
||||
.set('view', action.view);
|
||||
case actions.CLEAN_STATE:
|
||||
return initialState;
|
||||
case actions.CHECK_CSRF_TOKEN:
|
||||
return state
|
||||
.set('_csrf', action._csrf);
|
||||
case actions.FETCH_SIGNIN_REQUEST:
|
||||
return state
|
||||
.set('isLoading', true);
|
||||
|
||||