try getting CSRF working
louderthan10 committed Oct 7, 2024
1 parent c661f68 commit a4d018d
Showing 3 changed files with 21 additions and 10 deletions.
10 changes: 4 additions & 6 deletions frontend/components/postForm.vue
Expand Up @@ -5,12 +5,14 @@ import { useLazyAsyncData, useRuntimeConfig } from '#imports'
const config = useRuntimeConfig()
const message = ref('')
const title = ref('Post ')
const craftUrl = config.public.CRAFT_URL
const fetchCsrfToken = async () => {
try {
const response = await fetch(`${config.public.baseURL}/api/csrf`)
const response = await fetch('${config.public.BASE_URL}/api/csrf')
const data = await response.json()
return data.csrfToken
console('CSRF acquiered')
} catch (error) {
console.error('Error fetching CSRF token:', error)
return null
Expand All @@ -20,7 +22,7 @@ const fetchCsrfToken = async () => {
const { data: csrfToken } = useLazyAsyncData('csrfToken', fetchCsrfToken)
// Use the auto-generated composable for the createPost mutation
const { mutate: createPost, loading, error } = useCreatePostMutation()
//const { mutate: createPost, loading, error } = useGqlMutation(createPostMutation, { clientId: 'posts' })
const submitPost = async () => {
if (!csrfToken.value) {
Expand Down Expand Up @@ -49,10 +51,6 @@ const submitPost = async () => {

<template>
<form method="post" @submit.prevent="submitPost">
<div class="mb-6 mt-4">
<label for="title" class="font-bold">Title</label>
<input type="text" name="title" class="w-full px-6 py-4" required id="title" v-model="title">
</div>
<div class="mb-6 mt-4">
<label for="message" class="font-bold">Message</label>
<textarea name="message" class="w-full px-6 py-4" required id="message" v-model="message"></textarea>
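Review bot: The `fetch` URL on the `BASE_URL` line is written in single quotes, so `${config.public.BASE_URL}` is never interpolated and the request goes to that literal string rather than the CSRF endpoint; it needs backticks, as in ``const response = await fetch(`${config.public.BASE_URL}/api/csrf`)``. Which of the two `fetch` lines is the new one is inferred from the `BASE_URL` key this commit adds to `nuxt.config.js`. The `console('CSRF acquiered')` line sits after `return data.csrfToken`, so it never runs, and `console` is not callable in any case; use `console.log('CSRF acquired')` before the return or drop it. A guard such as ``if (!response.ok) throw new Error(`CSRF endpoint returned ${response.status}`)`` before `response.json()` would keep an error body from being treated as a token. `submitPost` continues outside the hunk.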
2 changes: 2 additions & 0 deletions frontend/nuxt.config.js
Expand Up @@ -4,11 +4,13 @@ export default defineNuxtConfig({
devtools: { enabled: true },
modules: ["@nuxtjs/tailwindcss", "nuxt-graphql-client"],
runtimeConfig: {
CRAFT_URL: process.env.CRAFT_URL,
public: {
GQL_HOST: process.env.GQL_HOST,
AUTH_HEADER: process.env.AUTH_HEADER,
LIVE_PREVIEW: process.env.LIVE_PREVIEW === 'true',
CRAFT_URL: process.env.CRAFT_URL,
BASE_URL: process.env.BASE_URL
}
},
'graphql-client': {
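Review bot: `CRAFT_URL` is now defined twice, once at the top level of `runtimeConfig` (server only) and once under `public`, with nothing saying which consumer needs which copy. A comment such as `// server-only copy, read by server/api/csrf.js; keys under public are sent to the browser` on the new top-level line would make the split clear. Everything under `public` is serialized into the client payload, so it is worth confirming that the existing `AUTH_HEADER` entry next to the new `BASE_URL` is meant to be visible to visitors; that line is unchanged by this commit. The `defineNuxtConfig` object continues outside the hunk.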
19 changes: 15 additions & 4 deletions frontend/server/api/csrf.js
@@ -1,13 +1,24 @@
export default defineEventHandler(async (event) => {
const config = useRuntimeConfig()
const craftUrl = config.public.CRAFT_URL
const craftUrl = config.CRAFT_URL

if (!craftUrl) {
console.error('CRAFT_URL is not defined in server environment') // Add this line for debugging
throw createError({
statusCode: 500,
statusMessage: 'CRAFT_URL is not defined in server environment',
})
}

try {
const response = await fetch(`${craftUrl}/index.php?actions/users/get-csrf-token`, {
credentials: 'include',
console.log('Fetching from:', `${craftUrl}/actions/users/session-info`) // Add this line for debugging
const response = await fetch(`${craftUrl}/actions/users/session-info`, {
headers: {
'Accept': 'application/json',
},
})
const data = await response.json()
return { csrfToken: data.csrfToken }
return { csrfToken: data.csrfTokenValue }
} catch (error) {
console.error('Error fetching CSRF token:', error)
throw createError({
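Review bot: The new fetch to `/actions/users/session-info` is made by the Nuxt server with only an `Accept` header, so the token it returns belongs to whatever session Craft opens for that server-side request, not to the visitor's browser, and any `Set-Cookie` Craft sends with it is discarded. Craft appears to validate a submitted CSRF token against the CSRF cookie on the same request, so a token obtained this way will probably be rejected unless the matching cookie also reaches the browser; how the mutation is sent is outside this file, so confirm that first. The fence sketches forwarding the incoming `cookie` header, relaying Craft's cookies, and failing when the response is not OK or has no `csrfTokenValue` instead of returning `{ csrfToken: undefined }` with a 200. The two lines marked `// Add this line for debugging` should go before merge, and the 500 `statusMessage` need not tell clients which environment variable is missing. The handler's `catch` block continues outside the hunk.

```javascript
// … unchanged: config lookup and CRAFT_URL guard …
const response = await fetch(`${craftUrl}/actions/users/session-info`, {
  headers: {
    'Accept': 'application/json',
    // Forward the visitor's cookies so Craft answers for their session,
    // not for an anonymous session opened by this server.
    cookie: getRequestHeader(event, 'cookie') ?? '',
  },
})
if (!response.ok) {
  throw new Error(`session-info returned HTTP ${response.status}`)
}
// Relay cookies Craft set with the token; only useful if the browser later
// sends them back on the request that carries the token — confirm the routing.
for (const cookie of response.headers.getSetCookie()) {
  appendResponseHeader(event, 'set-cookie', cookie)
}
const data = await response.json()
if (!data.csrfTokenValue) {
  throw new Error('session-info response has no csrfTokenValue')
}
return { csrfToken: data.csrfTokenValue }
```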