Skip to content

Commit

Permalink
returning csrf token from edge middleware in static-optimized-example
Browse files Browse the repository at this point in the history
  • Loading branch information
@amorey
amorey committed Oct 29, 2023
1 parent ec60aed commit a2da8e3
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 10 deletions.
7 changes: 0 additions & 7 deletions example-ts-appdir/app/static-optimized-example/csrf-token/route.ts
View file

This file was deleted.

6 changes: 3 additions & 3 deletions example-ts-appdir/app/static-optimized-example/page.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@ export default function Page() {
// get form values
const data = new FormData(ev.currentTarget);

// get token
const resp = await fetch('/static-optimized-example/csrf-token');
const { csrfToken } = await resp.json();
// get token (see middleware.ts)
const csrfResp = await fetch('/csrf-token');
const { csrfToken } = await csrfResp.json();

// build fetch args
const fetchArgs = { method: 'POST', headers: {}, body: JSON.stringify(data) };
Expand Down
5 changes: 5 additions & 0 deletions example-ts-appdir/middleware.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,10 @@ export async function middleware(request: NextRequest) {
return new NextResponse('invalid csrf token', { status: 403 });
}

// return token (for use in static-optimized-example)
if (request.nextUrl.pathname === '/csrf-token') {
return NextResponse.json({ csrfToken: response.headers.get('X-CSRF-Token') || 'missing' });
}

return response;
}

0 comments on commit a2da8e3

Please sign in to comment.