try to get the CSRF token - w/o success & error 406

2025-01-15 14:28:40 +01:00
parent b6d7471408
commit cadb188a47
1 changed files with 60 additions and 28 deletions
--- a/src/admin-core/authProvider.ts
+++ b/src/admin-core/authProvider.ts
@@ -1,9 +1,47 @@
 import { AuthProvider, HttpError } from "react-admin";

 export const authProvider: AuthProvider = {
-  // @ts-ignore
-  // eslint-disable-next-line @typescript-eslint/no-unused-vars
  login: async ({ username, password }) => {
+    const responseLogin = await login(username, password);
+
+    if (responseLogin.status < 200 || responseLogin.status >= 300) {
+      return Promise.reject(
+        new HttpError("Unauthorized", 401, {
+          message: "Invalid username or password",
+        }),
+      );
+    }
+
+    const responseCSRF = await csrf();
+
+    console.log(responseCSRF);
+
+    const { access_token } = await responseLogin.json();
+    localStorage.setItem("user", access_token);
+    localStorage.setItem("token", access_token);
+
+    return Promise.resolve();
+  },
+  logout: () => {
+    localStorage.removeItem("user");
+    return Promise.resolve();
+  },
+  checkError: () => Promise.resolve(),
+  checkAuth: () =>
+    localStorage.getItem("user") ? Promise.resolve() : Promise.reject(),
+  getPermissions: () => {
+    return Promise.resolve(undefined);
+  },
+  getIdentity: () => {
+    const persistedUser = localStorage.getItem("user");
+    const user = persistedUser ? JSON.parse(persistedUser) : null;
+
+    return Promise.resolve(user);
+  },
+};
+
+// @ts-ignore
+const login = async (username, password) => {
  let response;

  try {
@@ -29,7 +67,24 @@ export const authProvider: AuthProvider = {
    );
  }

-    if (response.status < 200 || response.status >= 300) {
+  return response;
+};
+
+const csrf = async () => {
+  let response;
+
+  try {
+    response = await fetch(
+      new Request(`${import.meta.env.VITE_SECURITY_REST_URL}/csrf`, {
+        method: "GET",
+        credentials: "include",
+        headers: new Headers({
+          Accept: "Accept application/json, text/plain, */*",
+          Priority: "u=4",
+        }),
+      }),
+    );
+  } catch (_error) {
    return Promise.reject(
      new HttpError("Unauthorized", 401, {
        message: "Invalid username or password",
@@ -37,28 +92,5 @@ export const authProvider: AuthProvider = {
    );
  }

-    const { access_token } = await response.json();
-    localStorage.setItem("user", access_token);
-    localStorage.setItem("token", access_token);
-
-    return Promise.resolve();
-  },
-  logout: () => {
-    localStorage.removeItem("user");
-    return Promise.resolve();
-  },
-  checkError: () => Promise.resolve(),
-  checkAuth: () =>
-    localStorage.getItem("user") ? Promise.resolve() : Promise.reject(),
-  getPermissions: () => {
-    return Promise.resolve(undefined);
-  },
-  getIdentity: () => {
-    const persistedUser = localStorage.getItem("user");
-    const user = persistedUser ? JSON.parse(persistedUser) : null;
-
-    return Promise.resolve(user);
-  },
+  return response;
 };
-
-export default authProvider;