anti forgery

2024-12-21 23:05:54 +00:00 · 2024-12-21 23:05:54 +00:00 · 01705c86fe
commit 01705c86fe
parent 107c4ef2d6
5 changed files with 34 additions and 2 deletions
--- a/EnotaryoPH/EnotaryoPH.Web/Assets/js/Page/_Page.js
+++ b/EnotaryoPH/EnotaryoPH.Web/Assets/js/Page/_Page.js
@ -0,0 +1,24 @@
+jfa.page = (function () {
+  function _getAlertContainer() {
+    return document.getElementById("ContainerAlert");
+  }
+
+  function _getAlertTemplate() {
+    return document.getElementById("AlertTemplate").cloneNode(true);
+  }
+
+  function _getAntiForgeryToken() {
+    return window.top.document.querySelector("[name='__RequestVerificationToken']")?.value;
+  }
+
+  function reload() {
+    window.location.reload();
+  }
+
+  return {
+    getAlertContainer: _getAlertContainer,
+    getAlertTemplate: _getAlertTemplate,
+    getAntiForgeryToken: _getAntiForgeryToken,
+    reload: reload
+  };
+})();
--- a/EnotaryoPH/EnotaryoPH.Web/Assets/js/Utilities/Request/_Request.js
+++ b/EnotaryoPH/EnotaryoPH.Web/Assets/js/Utilities/Request/_Request.js
@ -10,7 +10,7 @@
      headers: {
        'Accept': 'application/json',
        'Content-Type': 'application/json',
-        'X-XSRF-TOKEN': jfa.page.getAntiForgeryToken()
+        'RequestVerificationToken': jfa.page.getAntiForgeryToken()
      },
      body: data ? JSON.stringify(data) : data
    });
--- a/EnotaryoPH/EnotaryoPH.Web/Pages/Shared/_AntiForgeryPartial.cshtml
+++ b/EnotaryoPH/EnotaryoPH.Web/Pages/Shared/_AntiForgeryPartial.cshtml
@ -0,0 +1,7 @@
+@using Microsoft.AspNetCore.Antiforgery
+@inject Microsoft.AspNetCore.Http.IHttpContextAccessor httpContextAccessor
+@inject IAntiforgery antiforgery
+@{
+    var token = antiforgery.GetAndStoreTokens(httpContextAccessor.HttpContext).RequestToken;
+}
+<input type="hidden" value="@token" name="__RequestVerificationToken" id="__RequestVerificationToken" />
--- a/EnotaryoPH/EnotaryoPH.Web/Pages/Shared/_Layout.cshtml
+++ b/EnotaryoPH/EnotaryoPH.Web/Pages/Shared/_Layout.cshtml
@ -43,7 +43,7 @@
    </nav>

    @RenderBody()
-
+    <partial name="_AntiForgeryPartial.cshtml" />
    <footer class="text-center">
        <div class="container-fluid text-muted py-4 py-lg-5">
            <ul class="list-inline">
--- a/EnotaryoPH/EnotaryoPH.Web/gulpfile.js
+++ b/EnotaryoPH/EnotaryoPH.Web/gulpfile.js
@ -10,6 +10,7 @@ const bundles = {
    outputFileName: "wwwroot/dist/js/jfa.js",
    inputFiles: [
      "Assets/js/_Jfa.js",
+      "Assets/js/Page/_Page.js",
      "Assets/js/Utilities/Routing/_Routing.js",
      "Assets/js/Utilities/Element/_Element.js",
      "Assets/js/Utilities/Request/_Request.js",