From 3792d57e89375f66a674bab52752c39196aa9d6b Mon Sep 17 00:00:00 2001
From: FORESTIER Fabien <fabien.forestier@soprasteria.com>
Date: Wed, 16 Oct 2019 16:18:50 +0200
Subject: [PATCH] Make angular set a x-xsrf-token header on http requests using
its csrf feature
---
src/app/app.module.ts | 5 +++-
src/app/user/interceptors/auth-interceptor.ts | 23 -------------------
src/app/user/user.module.ts | 7 ------
3 files changed, 4 insertions(+), 31 deletions(-)
delete mode 100644 src/app/user/interceptors/auth-interceptor.ts
diff --git a/src/app/app.module.ts b/src/app/app.module.ts
index cf9faf2c..8e3cb812 100644
--- a/src/app/app.module.ts
+++ b/src/app/app.module.ts
@@ -1,7 +1,7 @@
import { BrowserModule } from '@angular/platform-browser';
import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
import { NgModule, APP_INITIALIZER } from '@angular/core';
-import { HttpClientModule } from '@angular/common/http';
+import { HttpClientModule, HttpClientXsrfModule } from '@angular/common/http';
import { AppComponent } from './app.component';
import { AppRoutingModule } from './app-routing.module';
@@ -44,6 +44,9 @@ export function initAppConfig(appConfigService: AppConfigService) {
BrowserModule,
BrowserAnimationsModule,
HttpClientModule,
+ HttpClientXsrfModule.withOptions({
+ headerName: 'x-xsrf-token',
+ }),
CoreModule,
EditorialisationModule,
UserModule,
diff --git a/src/app/user/interceptors/auth-interceptor.ts b/src/app/user/interceptors/auth-interceptor.ts
deleted file mode 100644
index 2f8f113e..00000000
--- a/src/app/user/interceptors/auth-interceptor.ts
+++ /dev/null
@@ -1,23 +0,0 @@
-import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent } from '@angular/common/http';
-import { Injectable } from '@angular/core';
-import { Observable } from 'rxjs';
-
-@Injectable()
-export class AuthInterceptor implements HttpInterceptor {
-
- intercept(
- req: HttpRequest<any>,
- next: HttpHandler,
- ): Observable<HttpEvent<any>> {
- const xsrfToken = localStorage.getItem('xsrfToken');
- let request = req;
-
- // && req.url.includes('https://data-intothesky.alpha.grandlyon.com/authentication/api/logout'
- if (xsrfToken) {
- request = req.clone({
- headers: req.headers.set('x-xsrf-token', xsrfToken),
- });
- }
- return next.handle(request);
- }
-}
diff --git a/src/app/user/user.module.ts b/src/app/user/user.module.ts
index 9d98bd96..42ee8630 100644
--- a/src/app/user/user.module.ts
+++ b/src/app/user/user.module.ts
@@ -4,8 +4,6 @@ import { UserRoutingModule } from './user-routing.module';
import { UserServices } from './services';
import { UserComponents } from './components';
import { FormsModule, ReactiveFormsModule } from '@angular/forms';
-import { HTTP_INTERCEPTORS } from '@angular/common/http';
-import { AuthInterceptor } from './interceptors/auth-interceptor';
import { UserGuards } from './guards';
import { SharedModule } from '../shared/shared.module';
@@ -20,11 +18,6 @@ import { SharedModule } from '../shared/shared.module';
providers: [
...UserGuards,
...UserServices,
- {
- provide: HTTP_INTERCEPTORS,
- useClass: AuthInterceptor,
- multi: true,
- },
],
declarations: [...UserComponents],
})
--
GitLab