Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d5fc36992f7ff0efee0dbe57778defdfd40fb016
edx-platform/lms/static/js/jwt_auth/AxiosCsrfTokenService.js
Syed Ali Abbas Zaidi 5549db4d80 fix: migrate remaining eslint-config-edx (#31760) 
* fix: migrate remaining eslint-config-edx

* refactor: updated eslint rules according to eslint-config-edx-es5

* refactor: add custom rules to suppress unnecessary eslint issues

* refactor: add custom rules to internal eslint configs

* fix: fix all indentation issues

* chore: update lock file
2023-03-02 16:16:50 +05:00

65 lines
2.2 KiB
JavaScript
Raw Blame History

/**
* Service class to support CSRF.
*
* Temporarily copied from the edx/frontend-platform
*/
import axios from 'axios';
import { getUrlParts, processAxiosErrorAndThrow } from './utils';
export default class AxiosCsrfTokenService {
constructor(csrfTokenApiPath) {
this.csrfTokenApiPath = csrfTokenApiPath;
this.httpClient = axios.create();
// Set withCredentials to true. Enables cross-site Access-Control requests
// to be made using cookies, authorization headers or TLS client
// certificates. More on MDN:
// https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
this.httpClient.defaults.withCredentials = true;
this.httpClient.defaults.headers.common['USE-JWT-COOKIE'] = true;
this.csrfTokenCache = {};
this.csrfTokenRequestPromises = {};
}
async getCsrfToken(url) {
let urlParts;
try {
urlParts = getUrlParts(url);
} catch (e) {
// If the url is not parsable it's likely because a relative
// path was supplied as the url. This is acceptable and in
// this case we should use the current origin of the page.
urlParts = getUrlParts(global.location.origin);
}
const { protocol, domain } = urlParts;
const csrfToken = this.csrfTokenCache[domain];
if (csrfToken) {
return csrfToken;
}
if (!this.csrfTokenRequestPromises[domain]) {
this.csrfTokenRequestPromises[domain] = this.httpClient
.get(`${protocol}://${domain}${this.csrfTokenApiPath}`)
.then((response) => {
this.csrfTokenCache[domain] = response.data.csrfToken;
return this.csrfTokenCache[domain];
})
.catch(processAxiosErrorAndThrow)
.finally(() => {
delete this.csrfTokenRequestPromises[domain];
});
}
return this.csrfTokenRequestPromises[domain];
}
clearCsrfTokenCache() {
this.csrfTokenCache = {};
}
getHttpClient() {
return this.httpClient;
}
}
Reference in New Issue View Git Blame Copy Permalink