- add CSRF cookie

- remove token from src
- add name to login_info

app/panel/actions/PanelActions.js

@@ -137,6 +137,7 @@ export function fetchUser(user_id) {
 					type: LOGIN_DATA_SUCCESS,
 					data: user,
 				});
+				return user;
 			})
 			.catch(e => {
 				console.error(e);

app/panel/utils/api.js

@@ -4,6 +4,9 @@ import 'whatwg-fetch';
 let isRefreshing = false;
 const tokenRefreshedEventType = 'tokenRefreshed';
 const Config = {
+	auth_server : {
+		host: 'http://ghostery.io:8080'
+	},
 	account_server : {
 		host: 'http://ghostery.io:8081'
 	},
@@ -31,18 +34,29 @@ const _refreshToken = function () {
 	});
 };
 
-const _sendReq = (method, path, body) => (
-	fetch(`${Config.account_server.host}${path}`, { // eslint-disable-line no-undef
-		method,
-		headers: {
-			'Content-Type': 'application/vnd.api+json',
-			'Content-Length': Buffer.byteLength(JSON.stringify(body)),
-			'X-CSRF-Token': '' // TODO get cookie from conf,
-		},
-		body: JSON.stringify(body),
-		credentials: 'include',
-	})
-);
+const _sendReq = (method, path, body) => {
+	return new Promise((resolve, reject) => {
+		chrome.cookies.get({
+			url: 'http://ghostery.io', // ghostery.com || ghosterystage.com
+			name: 'user_id',
+		}, (cookie) => {
+			if (cookie) {
+				fetch(`${Config.account_server.host}${path}`, { // eslint-disable-line no-undef
+					method,
+					headers: {
+						'Content-Type': 'application/vnd.api+json',
+						'Content-Length': Buffer.byteLength(JSON.stringify(body)),
+						'X-CSRF-Token': cookie.value,
+					},
+					body: JSON.stringify(body),
+					credentials: 'include',
+				});
+			} else {
+				reject();
+			}
+		});
+	});
+}
 
 const _processResponse = res => (
 	new Promise((resolve, reject) => {

src/classes/ConfData.js

@@ -149,9 +149,7 @@ class ConfData {
 			_initProperty('login_info', {
 				logged_in: false,
 				email: '',
-				user_token: '',
-				decoded_user_token: {},
-				is_validated: false
+				user_id: '',
 			});
 		});
 	}

src/classes/PanelData.js

@@ -169,7 +169,6 @@ class PanelData {
 	get panelView() {
 		this._panelView = {
 			panel: {
-				decoded_user_token: this._confData.get('decoded_user_token'),
 				email: this._confData.get('email'),
 				enable_ad_block: this._confData.get('enable_ad_block'),
 				enable_anti_tracking: this._confData.get('enable_anti_tracking'),
@@ -188,6 +187,7 @@ class PanelData {
 				smartBlock: this._trackerData.get('smartBlock'),
 				tab_id: this._trackerData.get('tab_id'),
 				unread_offer_ids: rewards.unreadOfferIds,
+				user_id: this._confData.get('user_id'),
 			},
 			summary: this.summaryView,
 			blocking: this._confData.get('is_expert') ? this.blockingView : false,
@@ -301,7 +301,6 @@ class PanelData {
 			.set('block_by_default', conf.block_by_default)
 			.set('bugs_last_updated', conf.bugs_last_updated)
 			.set('categories', this._buildGlobalCategories())
-			.set('decoded_user_token', login_info.decoded_user_token)
 			.set('email', login_info.email)
 			.set('enable_ad_block', conf.enable_ad_block)
 			.set('enable_anti_tracking', conf.enable_anti_tracking)
@@ -312,14 +311,14 @@ class PanelData {
 			.set('enable_metrics', conf.enable_metrics)
 			.set('enable_offers', conf.enable_offers)
 			.set('enable_smart_block', conf.enable_smart_block)
-			.set('first_name', (login_info.decoded_user_token && login_info.decoded_user_token.ClaimFirstName))
+			.set('first_name', login_info.first_name)
 			.set('hide_alert_trusted', conf.hide_alert_trusted)
 			.set('ignore_first_party', conf.ignore_first_party)
 			.set('is_validated', login_info.is_validated)
 			.set('is_expanded', conf.is_expanded)
 			.set('is_expert', conf.is_expert)
 			.set('language', conf.language)
-			.set('last_name', (login_info.decoded_user_token && login_info.decoded_user_token.ClaimLastName))
+			.set('last_name', login_info.last_name)
 			.set('logged_in', login_info.logged_in)
 			.set('notify_library_updates', conf.notify_library_updates)
 			.set('notify_upgrade_updates', conf.notify_upgrade_updates)
@@ -340,6 +339,7 @@ class PanelData {
 			.set('site_whitelist', conf.site_whitelist)
 			.set('toggle_individual_trackers', conf.toggle_individual_trackers)
 			.set('trackers_banner_status', conf.trackers_banner_status)
+			.set('user_id', login_info.user_id)
 			.set('expand_all_trackers', conf.expand_all_trackers);
 	}
 

src/utils/accounts.js

@@ -60,14 +60,16 @@ const SYNC_SET = new Set(globals.SYNC_ARRAY);
  * @return {Promise} 				login info object
  */
 export function setLoginInfo(user) {
-	console.log('inside background setLoginInfo', user);
+	console.log('background setLoginInfo', user);
 	return new Promise((resolve, reject) => {
-		const { email, emailValidated, id } = user;
+		const { email, emailValidated, id, firstName, lastName } = user;
 		conf.login_info = {
 			logged_in: true,
 			user_id: id,
 			is_validated: emailValidated,
-			email
+			email,
+			first_name: firstName,
+			last_name: lastName,
 		};
 		resolve(conf.login_info);
 	});