From 6b89991ba8d29f5d44bab98dd7ec9e975bac6a4e Mon Sep 17 00:00:00 2001 From: Jesse Lucas Date: Sat, 14 Mar 2020 20:07:08 -0400 Subject: [PATCH] create cookie service to find CSRF header data --- src/app/cookie.service.spec.ts | 16 ++++++++++++ src/app/cookie.service.ts | 44 ++++++++++++++++++++++++++++++++ src/app/system-config.service.ts | 12 ++++----- 3 files changed, 65 insertions(+), 7 deletions(-) create mode 100644 src/app/cookie.service.spec.ts create mode 100644 src/app/cookie.service.ts diff --git a/src/app/cookie.service.spec.ts b/src/app/cookie.service.spec.ts new file mode 100644 index 000000000..43ea274f5 --- /dev/null +++ b/src/app/cookie.service.spec.ts @@ -0,0 +1,16 @@ +import { TestBed } from '@angular/core/testing'; + +import { CookieService } from './cookie.service'; + +describe('CookieService', () => { + let service: CookieService; + + beforeEach(() => { + TestBed.configureTestingModule({}); + service = TestBed.inject(CookieService); + }); + + it('should be created', () => { + expect(service).toBeTruthy(); + }); +}); diff --git a/src/app/cookie.service.ts b/src/app/cookie.service.ts new file mode 100644 index 000000000..a3bb17f3a --- /dev/null +++ b/src/app/cookie.service.ts @@ -0,0 +1,44 @@ +import { Injectable } from '@angular/core'; +import { deviceID } from './api-utils'; + +@Injectable({ + providedIn: 'root' +}) +export class CookieService { + + constructor() { } + + getCSRFHeader(): any { + const dID: String = deviceID(); + const csrfCookie = 'CSRF-Token-' + dID + const csrfHeader = {}; + csrfHeader['X-CSRF-Token-' + dID] = this.getCookie(csrfCookie); + return csrfHeader; + } + + getCookie(name: string): string { + let ca: Array = document.cookie.split(';'); + let caLen: number = ca.length; + let cookieName = `${name}=`; + let c: string; + + for (let i: number = 0; i < caLen; i += 1) { + c = ca[i].replace(/^\s+/g, ''); + if (c.indexOf(cookieName) == 0) { + return c.substring(cookieName.length, c.length); + } + } + return ''; + } + + deleteCookie(name): void { + this.setCookie(name, "", -1); + } + + setCookie(name: string, value: string, expireDays: number, path: string = ""): void { + let d: Date = new Date(); + d.setTime(d.getTime() + expireDays * 24 * 60 * 60 * 1000); + let expires: string = "expires=" + d.toUTCString(); + document.cookie = name + "=" + value + "; " + expires + (path.length > 0 ? "; path=" + path : ""); + } +} diff --git a/src/app/system-config.service.ts b/src/app/system-config.service.ts index 199164b7c..c01dfe1db 100644 --- a/src/app/system-config.service.ts +++ b/src/app/system-config.service.ts @@ -7,6 +7,8 @@ import { map } from 'rxjs/operators'; import { Folder } from './folder'; import { Device } from './device'; import { FOLDERS, DEVICES } from './mock-config-data'; +import { CookieService } from './cookie.service'; +import { apiURL } from './api-utils' @Injectable({ providedIn: 'root' @@ -17,18 +19,14 @@ export class SystemConfigService { private devices: Device[]; private foldersSubject: Subject = new Subject(); private devicesSubject: Subject = new Subject(); + private systemConfigUrl = apiURL + '/rest/system/config'; // URL to web api - private systemConfigUrl = 'http://127.0.0.1:8384/rest/system/config'; // URL to web api - httpOptions = { - // TODO find best way to get api key - // headers: new HttpHeaders({ 'X-API-Key': 'x' }) - }; + httpOptions = { headers: new HttpHeaders(this.cookieService.getCSRFHeader()) }; - constructor(private http: HttpClient) { } + constructor(private http: HttpClient, private cookieService: CookieService) { } ngOnInit(): void { } - getSystemConfig(): Observable { return this.http .get(this.systemConfigUrl, this.httpOptions)