mirror of https://github.com/ascribe/onion.git synced 2024-12-22 17:33:14 +01:00

Add csrf utils

Brett Sun 2016-06-14 13:37:33 +02:00
parent c2eb37506a
commit fc153f4ab7
7 changed files with 36 additions and 31 deletions


@ -9,7 +9,7 @@ import ReactS3FineUploader from './../ascribe_uploader/react_s3_fine_uploader';
import AppConstants from '../../constants/application_constants';
import { validationTypes } from '../../constants/uploader_constants';
import { getCookie } from '../../utils/fetch_api';
import { makeCsrfHeader } from '../../utils/csrf';
import { getLangText } from '../../utils/lang';
import { resolveUrl } from '../../utils/url_resolver';
@ -82,9 +82,7 @@ let FurtherDetailsFileuploader = React.createClass({
enabled: true,
method: 'DELETE',
endpoint: `${AppConstants.serverUrl}/s3/delete`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
isReadyForFormSubmission={isReadyForFormSubmission}
keyRoutine={{
@ -97,9 +95,7 @@ let FurtherDetailsFileuploader = React.createClass({
setIsUploadReady={setIsUploadReady}
session={{
endpoint: `${AppConstants.serverUrl}/api/blob/otherdatas/fineuploader_session/`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
},
customHeaders: makeCsrfHeader(),
params: {
'pk': otherDataIds
},
@ -110,9 +106,7 @@ let FurtherDetailsFileuploader = React.createClass({
}}
signature={{
endpoint: `${AppConstants.serverUrl}/s3/signature/`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
submitFile={submitFile}
showErrorPrompt={showErrorPrompt}


@ -7,7 +7,7 @@ import FileDragAndDrop from '../ascribe_uploader/ascribe_file_drag_and_drop/file
import AppConstants from '../../constants/application_constants';
import { getCookie } from '../../utils/fetch_api';
import { makeCsrfHeader } from '../../utils/csrf';
const { func, bool, oneOf } = React.PropTypes;
@ -122,17 +122,13 @@ const InputFineUploader = React.createClass({
showErrorPrompt={showErrorPrompt}
signature={{
endpoint: `${AppConstants.serverUrl}/s3/signature/`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
deleteFile={{
enabled: true,
method: 'DELETE',
endpoint: `${AppConstants.serverUrl}/s3/delete`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
enableLocalHashing={enableLocalHashing}
uploadMethod={uploadMethod}


@ -14,7 +14,7 @@ import AppConstants from '../../constants/application_constants';
import { validationTypes } from '../../constants/uploader_constants';
import { formSubmissionValidation } from '../ascribe_uploader/react_s3_fine_uploader_utils';
import { getCookie } from '../../utils/fetch_api';
import { makeCsrfHeader } from '../../utils/csrf';
import { getLangText } from '../../utils/lang';
import { resolveUrl } from '../../utils/url_resolver';
@ -76,17 +76,13 @@ let ContractSettingsUpdateButton = React.createClass({
setIsUploadReady={() =>{/* So that ReactS3FineUploader is not complaining */}}
signature={{
endpoint: `${AppConstants.serverUrl}/s3/signature/`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
deleteFile={{
enabled: true,
method: 'DELETE',
endpoint: `${AppConstants.serverUrl}/s3/delete`,
customHeaders: {
'X-CSRFToken': getCookie(AppConstants.csrftoken)
}
customHeaders: makeCsrfHeader()
}}
fileClassToUpload={{
singular: getLangText('UPDATE'),


@ -15,12 +15,11 @@ import ErrorQueueStore from '../../stores/error_queue_store';
import GlobalNotificationModel from '../../models/global_notification_model';
import GlobalNotificationActions from '../../actions/global_notification_actions';
import AppConstants from '../../constants/application_constants';
import { ErrorClasses, testErrorAgainstAll } from '../../constants/error_constants';
import { RETRY_ATTEMPT_TO_SHOW_CONTACT_US, ENDPOINTS } from '../../constants/uploader_constants';
import { displayValidFilesFilter, FileStatus, transformAllowedExtensionsToInputAcceptProp } from './react_s3_fine_uploader_utils';
import { getCookie } from '../../utils/fetch_api';
import { getCsrfToken, makeCsrfHeader } from '../../utils/csrf';
import { computeHashOfFile, extractFileExtensionFromString } from '../../utils/file';
import { getLangText } from '../../utils/lang';
@ -215,7 +214,7 @@ const ReactS3FineUploader = React.createClass({
return {
filesToUpload: [],
uploader: this.createNewFineUploader(),
csrfToken: getCookie(AppConstants.csrftoken),
csrfToken: getCsrfToken(),
errorState: {
manualRetryAttempt: 0,
errorClass: null
@ -235,7 +234,7 @@ const ReactS3FineUploader = React.createClass({
// since the csrf header is defined in this component's props,
// everytime the csrf cookie is changed we'll need to reinitalize
// fineuploader and update the actual csrf token
let potentiallyNewCSRFToken = getCookie(AppConstants.csrftoken);
let potentiallyNewCSRFToken = getCsrfToken();
if(this.state.csrfToken !== potentiallyNewCSRFToken) {
this.setState({
uploader: this.createNewFineUploader(),
@ -318,7 +317,7 @@ const ReactS3FineUploader = React.createClass({
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRFToken': getCookie(AppConstants.csrftoken)
...makeCsrfHeader()
},
credentials: 'include',
body: JSON.stringify({
@ -361,7 +360,7 @@ const ReactS3FineUploader = React.createClass({
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRFToken': getCookie(AppConstants.csrftoken)
...makeCsrfHeader()
},
credentials: 'include',
body: JSON.stringify({


@ -13,7 +13,6 @@ const constants = {
'acl_withdraw_transfer', 'acl_wallet_submit'],
'version': 0.1,
'csrftoken': 'csrftoken2',
'subdomains': [
{
'subdomain': 'cc',
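Review bot: Dropping the `'csrftoken'` key from this constants object means any remaining reader of `AppConstants.csrftoken` outside the seven files of this commit now passes `undefined` to `getCookie`, so its state-changing requests would carry no usable CSRF token. Only the uploader components are visibly migrated on this page; whether a shared request helper still reads the key cannot be seen from here. Search the tree for leftover `AppConstants.csrftoken` uses before merging, or keep the key for a transition period as an alias such as `'csrftoken': CSRF_COOKIE_NAME` with a comment marking it deprecated.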


@ -0,0 +1,7 @@
export const CSRF_COOKIE_NAME = 'csrftoken2';
export const CSRF_CUSTOM_HEADER_NAME = 'X-CSRFToken';
export default {
CSRF_COOKIE_NAME,
CSRF_CUSTOM_HEADER_NAME
};

14
js/utils/csrf.js Normal file

@ -0,0 +1,14 @@
import { getCookie } from './cookie.js';
import { CSRF_COOKIE_NAME, CSRF_CUSTOM_HEADER_NAME } from '../constants/csrf_constants';
export function getCsrfToken() {
return getCookie(CSRF_COOKIE_NAME);
}
export function makeCsrfHeader(csrfToken = getCsrfToken()) {
return csrfToken ? {
[CSRF_CUSTOM_HEADER_NAME]: csrfToken
} : {};
}
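Review bot: `getCookie` is imported from `./cookie.js`, yet every import this commit removes took it from `utils/fetch_api`, and no `cookie.js` appears among the seven changed files; if that module does not already export `getCookie`, both helpers break as soon as this file is loaded. Confirm that `utils/cookie.js` exists and exports it (or import from `./fetch_api`), and drop the `.js` suffix to match the import on the next line. `makeCsrfHeader` should also get a doc comment, for example `/** Returns { 'X-CSRFToken': token }, or {} when no token is available; the request is then sent without a CSRF header. */`, so callers know a missing cookie is not reported on the client and presumably has to be rejected by the server.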