Review changes.

This commit is contained in:
gaba
2017-01-04 12:24:01 -03:00
parent 2755cc61e4
commit 7b9dbb5afd
3 changed files with 8 additions and 6 deletions
+4 -2
View File
@@ -73,8 +73,10 @@ app.use(session(session_opts));
app.use(cookieParser());
app.use((err, req, res, next) => {
res.locals._csrf = req.csrfToken();
return next();
if (req.method === 'POST') {
res.locals._csrf = req.csrfToken();
}
next();
});
//==============================================================================
+1 -1
View File
@@ -9,7 +9,7 @@ export const userStatusUpdate = (status, userId, commentId) => {
return (dispatch, getState) => {
dispatch({type: actions.UPDATE_STATUS_REQUEST});
const _csrf = getState().auth.get('_csrf');
return coralApi(`/users/${userId}/status`, {method: 'POST', body: {status: status, comment_id: commentId}, _csrf: _csrf})
return coralApi(`/users/${userId}/status`, {method: 'POST', body: {status: status, comment_id: commentId}, _csrf})
.then(res => dispatch({type: actions.UPDATE_STATUS_SUCCESS, res}))
.catch(error => dispatch({type: actions.UPDATE_STATUS_FAILURE, error}));
};
+3 -3
View File
@@ -26,7 +26,7 @@ const signInFailure = error => ({type: actions.FETCH_SIGNIN_FAILURE, error});
export const fetchSignIn = (formData) => (dispatch, getState) => {
dispatch(signInRequest());
const _csrf = getState().auth.get('_csrf');
coralApi('/auth/local', {method: 'POST', body: formData, _csrf: _csrf})
coralApi('/auth/local', {method: 'POST', body: formData, _csrf})
.then(({user}) => {
const isAdmin = !!user.roles.filter(i => i === 'admin').length;
dispatch(signInSuccess(user, isAdmin));
@@ -77,7 +77,7 @@ export const fetchSignUp = formData => (dispatch, getState) => {
dispatch(signUpRequest());
const _csrf = getState().auth.get('_csrf');
coralApi('/users', {method: 'POST', body: formData, _csrf: _csrf})
coralApi('/users', {method: 'POST', body: formData, _csrf})
.then(({user}) => {
dispatch(signUpSuccess(user));
setTimeout(() =>{
@@ -97,7 +97,7 @@ export const fetchForgotPassword = email => (dispatch, getState) => {
dispatch(forgotPassowordRequest(email));
const _csrf = getState().auth.get('_csrf');
coralApi('/users/request-password-reset', {method: 'POST', body: {email}, _csrf: _csrf})
coralApi('/users/request-password-reset', {method: 'POST', body: {email}, _csrf})
.then(() => dispatch(forgotPassowordSuccess()))
.catch(error => dispatch(forgotPassowordFailure(error)));
};