Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Swapped CSRF initializer for a Mixin #39

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Swapped CSRF initializer for a Mixin #39

wants to merge 1 commit into from

Conversation

kobsy
Copy link

@kobsy kobsy commented Mar 6, 2019

For projects that don't use jQuery, the initializer trying to set $.ajaxPrefilter is a show-stopper. Instead of having this as part of an initializer, I opted to follow ember-simple-auth's lead in creating a mixin for an Ember Data adapter. While adding the extra step for the user of including the mixin to an application's adapter, this approach would additionally allow for an app to conditionally add the CSRF token when making requests of servers other than its Rails API.

Thoughts?

Closes #36 and #38

@DuBistKomisch
Copy link

Unless I'm missing something, this actually doesn't work without some minor tweaks I've made here: DuBistKomisch@85fe7f7

@kobsy
Swapped CSRF initializer for a Mixin
5a29371 
For projects that don't use jQuery, the initializer trying to set `$.ajaxPrefilter` is a show-stopper. Instead of having this as part of an initializer, I opted to follow `ember-simple-auth`'s lead in creating a mixin for an Ember Data adapter. While adding the extra step of including the mixin to an application's adapter, this approach would additionally allow for an app to conditionally add the CSRF token when making requests of servers other than its Rails API.
@kobsy
Copy link
Author

kobsy commented May 30, 2019

Huh! Good catch @DuBistKomisch. When I made the change, I just used the existing structure of the add-on, but it seems odd that it was using app instead of addon for the directory structure in the first place. 🤔 In any case, I've moved the mixin to addon as per your suggestion. Thanks! 😁

@DuBistKomisch
Copy link

DuBistKomisch commented May 31, 2019
edited
Loading

Actually ended up with an even better idea... you can define a headers property which is used automatically, instead of manually messing with the XHR: DuBistKomisch@adbb5ae

if the CSRF changes you can add .volatile() to the computed property, but it doesn't seem to change in my testing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Optional CSRF Tokens
2 participants
@kobsy @DuBistKomisch