This is a sample repository to demonstrate how to use .NET anti-forgery tokens in Sitecore JavaScript Services with both MVC and Web API controllers using out-of-the-box anti-forgery token validators. The demo API is also completely mocked in disconnected mode to show how this functionality can work in both disconnected and connected modes.
Clone this repository. The rest of the setup assumes you cloned to
C:\Projects\Sitecore\jss-anti-forgery-tokens.
- Run
npm installin /src/Project/JssRocks/client. - Run
jss start.
- Install an instance of Sitecore 9.1 Initial Release.
- The default install path is
C:\inetpub\wwwroot\jssaftokens.sitecore. - The default URL is
jssaftokens.sitecore.
- The default install path is
- Install Sitecore JavaScript Services 11.0.0.
- If you used a clone path, install directory, or URL different than the
defaults above, open
JssAntiForgeryTokens.sln and modify
the following files in the
.configfolder:CoreySmith.Project.Common.Dev.config- Change
sourceFolderto your repository directory.
- Change
CoreySmith.Project.JssRocks.Dev.config- Change
hostNameto the URL you used for your instance.
- Change
PublishSettings.targets- Change
publishUrlto the path of your Sitecore instance.
- Change
scjssconfig.json- Change
instancePathto the path of your Sitecore instance. - Change
deployUrlhost name to the host name of your Sitecore instance. - Change
layoutServiceHostto the URL of your Sitecore instance.
- Change
- Navigate to /src/Project/JssRocks/client and
deploy the JSS app with
jss deploy files.- Run
npm installin the directory if you haven't already.
- Run
- Build the solution in Visual Studio.
- This will publish all code to your instance thanks to Helix Publishing Pipeline.
- Note: you may need to reload the solution and build a second time if you get errors about missing assemblies/references when you load Sitecore.
- Perform a Unicorn sync at
/unicorn.aspx?verb=sync. - Navigate to your site at http://hostname.sitecore.