sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-11 03:34:35 +00:00
Code Issues Projects Releases Wiki Activity

fix: added CSRF check for granting access via session authentication

Browse Source
This commit is contained in:
Saad Jutt
2022-04-30 05:04:27 +05:00
parent d47ed6d0e8
commit b060ad1b8e
8 changed files with 37 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
web/src/components/login.tsx
View File

@@ -10,13 +10,7 @@ const getAuthCode = async (credentials: any) =>
axios.post('/SASjsApi/auth/authorize', credentials).then((res) => res.data)
const login = async (payload: { username: string; password: string }) =>
axios.get('/form').then((res1) =>
axios
.post('/login', payload, {
headers: { 'csrf-token': res1.data.csrfToken }
})
.then((res2) => res2.data)
)
axios.post('/login', payload).then((res) => res.data)
const Login = ({ getCodeOnly }: any) => {
const location = useLocation()

1
web/src/context/appContext.tsx
View File

@@ -52,6 +52,7 @@ const AppContextProvider = (props: { children: ReactNode }) => {
})
.catch(() => {
setLoggedIn(false)
axios.get('/') // get CSRF TOKEN
})
}, [])