Get rid of CSRF code in api.js
This commit is contained in:
Brian Picciano
parent
08811a6da7
commit
fa47baffb6
@ -1,7 +1,5 @@
|
|||||||
import * as utils from "/static/utils.js";
|
import * as utils from "/static/utils.js";
|
||||||
|
|
||||||
const csrfTokenCookie = "csrf_token";
|
|
||||||
|
|
||||||
const doFetch = async (req) => {
|
const doFetch = async (req) => {
|
||||||
let res, jsonRes;
|
let res, jsonRes;
|
||||||
try {
|
try {
|
||||||
@ -55,14 +53,8 @@ const call = async (route, opts = {}) => {
|
|||||||
requiresPow = false,
|
requiresPow = false,
|
||||||
} = opts;
|
} = opts;
|
||||||
|
|
||||||
if (!utils.cookies[csrfTokenCookie])
|
|
||||||
throw `${csrfTokenCookie} cookie not set, can't make api call`;
|
|
||||||
|
|
||||||
const reqOpts = {
|
const reqOpts = {
|
||||||
method,
|
method,
|
||||||
headers: {
|
|
||||||
"X-CSRF-Token": utils.cookies[csrfTokenCookie],
|
|
||||||
},
|
|
||||||
};
|
};
|
||||||
|
|
||||||
if (requiresPow) {
|
if (requiresPow) {
|
||||||
@ -92,12 +84,6 @@ const ws = async (route, opts = {}) => {
|
|||||||
const protocol = docURL.protocol == "http:" ? "ws:" : "wss:";
|
const protocol = docURL.protocol == "http:" ? "ws:" : "wss:";
|
||||||
|
|
||||||
const fullParams = new URLSearchParams(params);
|
const fullParams = new URLSearchParams(params);
|
||||||
const csrfToken = utils.cookies[csrfTokenCookie];
|
|
||||||
|
|
||||||
if (!csrfToken)
|
|
||||||
throw `${csrfTokenCookie} cookie not set, can't make api call`;
|
|
||||||
|
|
||||||
fullParams.set("csrfToken", csrfToken);
|
|
||||||
|
|
||||||
if (requiresPow) {
|
if (requiresPow) {
|
||||||
const {seed, solution} = await solvePow();
|
const {seed, solution} = await solvePow();
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user