Skip to content
Snippets Groups Projects
Commit 50d2123c authored by FORESTIER Fabien's avatar FORESTIER Fabien
Browse files

Use the XSRF-TOKEN cookie to set the x-xsrf-token header instead of the localstorage

parent 58ec2e7b
1 merge request!53Version 2.3.2
Checking pipeline status
Expand all Hide whitespace changes
Inline Side-by-side
package-lock.json
+ 1901
1901
View file @ 50d2123c
This diff is collapsed.
package.json
+ 1
1
View file @ 50d2123c
...@@ -47,7 +47,7 @@ ...@@ -47,7 +47,7 @@
"mapbox-gl": "^0.54.1", "mapbox-gl": "^0.54.1",
"ng-inline-svg": "^8.2.1", "ng-inline-svg": "^8.2.1",
"ng-lazyload-image": "^5.1.2", "ng-lazyload-image": "^5.1.2",
"ngx-cookie-service": "^2.1.0", "ngx-cookie-service": "^2.2.0",
"ngx-infinite-scroll": "^6.0.1", "ngx-infinite-scroll": "^6.0.1",
"node-rsa": "^1.0.3", "node-rsa": "^1.0.3",
"rxjs": "^6.4.0", "rxjs": "^6.4.0",
......
src/app/app.module.ts
+ 0
3
View file @ 50d2123c
...@@ -44,9 +44,6 @@ export function initAppConfig(appConfigService: AppConfigService) { ...@@ -44,9 +44,6 @@ export function initAppConfig(appConfigService: AppConfigService) {
BrowserModule, BrowserModule,
BrowserAnimationsModule, BrowserAnimationsModule,
HttpClientModule, HttpClientModule,
HttpClientXsrfModule.withOptions({
headerName: 'x-xsrf-token',
}),
CoreModule, CoreModule,
EditorialisationModule, EditorialisationModule,
UserModule, UserModule,
......
src/app/user/interceptors/xsrf-token.interceptor.ts 0 → 100644
+ 25
0
View file @ 50d2123c
import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs';
import { CookieService } from 'ngx-cookie-service';
@Injectable()
export class XSRFTokenInterceptor implements HttpInterceptor {
constructor(private cookieService: CookieService) { }
intercept(
req: HttpRequest<any>,
next: HttpHandler,
): Observable<HttpEvent<any>> {
const xsrfToken = this.cookieService.get('XSRF-TOKEN');
let request = req;
if (xsrfToken) {
request = req.clone({
headers: req.headers.set('x-xsrf-token', xsrfToken),
});
}
return next.handle(request);
}
}
src/app/user/services/user.service.ts
+ 0
1
View file @ 50d2123c
...@@ -41,7 +41,6 @@ export class UserService { ...@@ -41,7 +41,6 @@ export class UserService {
} }
resetAuth() { resetAuth() {
localStorage.removeItem('xsrfToken');
this.logout().subscribe(); this.logout().subscribe();
this._user = null; this._user = null;
this._userStatusChangedSubject.next(false); this._userStatusChangedSubject.next(false);
......
src/app/user/user.module.ts
+ 9
0
View file @ 50d2123c
...@@ -6,6 +6,9 @@ import { UserComponents } from './components'; ...@@ -6,6 +6,9 @@ import { UserComponents } from './components';
import { FormsModule, ReactiveFormsModule } from '@angular/forms'; import { FormsModule, ReactiveFormsModule } from '@angular/forms';
import { UserGuards } from './guards'; import { UserGuards } from './guards';
import { SharedModule } from '../shared/shared.module'; import { SharedModule } from '../shared/shared.module';
import { HTTP_INTERCEPTORS } from '@angular/common/http';
import { XSRFTokenInterceptor } from './interceptors/xsrf-token.interceptor';
import { CookieService } from 'ngx-cookie-service';
@NgModule({ @NgModule({
imports: [ imports: [
...@@ -18,6 +21,12 @@ import { SharedModule } from '../shared/shared.module'; ...@@ -18,6 +21,12 @@ import { SharedModule } from '../shared/shared.module';
providers: [ providers: [
...UserGuards, ...UserGuards,
...UserServices, ...UserServices,
CookieService,
{
provide: HTTP_INTERCEPTORS,
useClass: XSRFTokenInterceptor,
multi: true,
},
], ],
declarations: [...UserComponents], declarations: [...UserComponents],
}) })
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment