fix: consume swagger api with CSRF

2026-01-08 23:10:05 +00:00 · 2022-05-01 06:07:17 +05:00
parent 6d34206bbc
commit 5aaac24080
6 changed files with 67 additions and 25 deletions
--- a/api/src/controllers/web.ts
+++ b/api/src/controllers/web.ts
@@ -1,10 +1,23 @@
+import path from 'path'
 import express from 'express'
 import { Request, Route, Tags, Post, Body, Get } from 'tsoa'
+import { readFile } from '@sasjs/utils'
+
 import User from '../model/User'
+import { getWebBuildFolderPath } from '../utils'

@Route('/')
@Tags('Web')
 export class WebController {
+  /**
+   * @summary Render index.html
+   *
+   */
+  @Get('/')
+  public async home(@Request() req: express.Request) {
+    return home(req)
+  }
+
  /**
   * @summary Accept a valid username/password
   *
@@ -31,6 +44,19 @@ export class WebController {
  }
 }

+const home = async (req: express.Request) => {
+  const indexHtmlPath = path.join(getWebBuildFolderPath(), 'index.html')
+
+  // Attention! Cannot use fileExists here,
+  // due to limitation after building executable
+  const content = await readFile(indexHtmlPath)
+
+  req.res?.cookie('XSRF-TOKEN', req.csrfToken())
+  req.res?.setHeader('Content-Type', 'text/html')
+
+  return content
+}
+
 const login = async (
  req: express.Request,
  { username, password }: LoginPayload