Skip to content

Commit

Permalink
refactor as suggested in code review
Browse files Browse the repository at this point in the history
  • Loading branch information
@tsaleksandrova
tsaleksandrova committed Mar 2, 2021
1 parent 3619230 commit b5874bc
Show file tree
Hide file tree
Showing 5 changed files with 62 additions and 289 deletions.
8 changes: 4 additions & 4 deletions e2e/scenario/fixture/api.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,14 +85,14 @@ describe('api', function() {
expect(err.status).toBe(403);
});

request.csrf({
url: restServiceMockUrl + '/form'
}).then(function () {
request.authenticate(new CsrfAuthenticator({
csrfFetchUrl: restServiceMockUrl + '/form'
})).then(function () {
request.post(restServiceMockUrl + '/form').send({
field: 'value'
}).do().then(function (res) {
expect(res.status).toBe(200);
}).catch(function (err) {
}).catch(function () {
expect(true).toBeFalsy();
});
});
Expand Down
6 changes: 4 additions & 2 deletions e2e/scenario/fixture/mock/apiServiceMock.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ var csrf = require('csurf');

module.exports = function() {
var app = express();
// will also use a _csrf cookie (secret) and validate against it
var csrfProtection = csrf({
cookie: true
});
Expand Down Expand Up @@ -86,9 +87,10 @@ module.exports = function() {

app.get('/form', csrfProtection, function (req, res) {
if (req.headers['x-csrf-token'].toLowerCase() === 'fetch') {
res.set('x-csrf-token', req.csrfToken());
var csrfToken = req.csrfToken();
res.set('x-csrf-token', csrfToken);
res.send({
csrfToken: req.csrfToken()
csrfToken: csrfToken
});
} else {
res.sendStatus(200);
Expand Down
250 changes: 2 additions & 248 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit b5874bc

Please sign in to comment.