paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-11-03 03:16:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Frontend: CSRF support

Browse Source
This commit is contained in:
Jonas Winkler
2020-11-11 20:19:57 +01:00
parent 5a658b7ad6
commit 5d0434fd03
5 changed files with 63 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src-ui/package-lock.json generated
View File

@@ -8260,6 +8260,14 @@
"moment": "2.18.1" "moment": "2.18.1"
} }
}, },
"ngx-cookie-service": {
"version": "10.1.1",
"resolved": "https://registry.npmjs.org/ngx-cookie-service/-/ngx-cookie-service-10.1.1.tgz",
"integrity": "sha512-HvBrYHdxMN1NvFJGEIF/8EuAg2fjxj8QwqTv9h6qZGqNLU+lUba8Pb2zRPw1YA+gqKkJawOy5dYNeH0kyPyipw==",
"requires": {
"tslib": "^2.0.0"
}
},
"ngx-file-drop": { "ngx-file-drop": {
"version": "10.0.0", "version": "10.0.0",
"resolved": "https://registry.npmjs.org/ngx-file-drop/-/ngx-file-drop-10.0.0.tgz", "resolved": "https://registry.npmjs.org/ngx-file-drop/-/ngx-file-drop-10.0.0.tgz",

1
src-ui/package.json
View File

@@ -23,6 +23,7 @@
"@ng-bootstrap/ng-bootstrap": "^8.0.0", "@ng-bootstrap/ng-bootstrap": "^8.0.0",
"bootstrap": "^4.5.0", "bootstrap": "^4.5.0",
"ng-bootstrap": "^1.6.3", "ng-bootstrap": "^1.6.3",
"ngx-cookie-service": "^10.1.1",
"ngx-file-drop": "^10.0.0", "ngx-file-drop": "^10.0.0",
"ngx-infinite-scroll": "^9.1.0", "ngx-infinite-scroll": "^9.1.0",
"rxjs": "~6.6.0", "rxjs": "~6.6.0",

9
src-ui/src/app/app.module.ts
View File

@@ -39,6 +39,8 @@ import { InfiniteScrollModule } from 'ngx-infinite-scroll';
import { DateTimeComponent } from './components/common/input/date-time/date-time.component'; import { DateTimeComponent } from './components/common/input/date-time/date-time.component';
import { TagsComponent } from './components/common/input/tags/tags.component'; import { TagsComponent } from './components/common/input/tags/tags.component';
import { SortableDirective } from './directives/sortable.directive'; import { SortableDirective } from './directives/sortable.directive';
import { CookieService } from 'ngx-cookie-service';
import { CsrfInterceptor } from './interceptors/csrf.interceptor';
@NgModule({ @NgModule({
declarations: [ declarations: [
@@ -85,7 +87,12 @@ import { SortableDirective } from './directives/sortable.directive';
InfiniteScrollModule InfiniteScrollModule
], ],
providers: [ providers: [
DatePipe DatePipe,
CookieService, {
provide: HTTP_INTERCEPTORS,
useClass: CsrfInterceptor,
multi: true
}
], ],
bootstrap: [AppComponent] bootstrap: [AppComponent]
}) })

16
src-ui/src/app/interceptors/csrf.interceptor.spec.ts Normal file
View File

@@ -0,0 +1,16 @@
import { TestBed } from '@angular/core/testing';
import { CsrfInterceptor } from './csrf.interceptor';
describe('CsrfInterceptor', () => {
beforeEach(() => TestBed.configureTestingModule({
providers: [
CsrfInterceptor
]
}));
it('should be created', () => {
const interceptor: CsrfInterceptor = TestBed.inject(CsrfInterceptor);
expect(interceptor).toBeTruthy();
});
});

30
src-ui/src/app/interceptors/csrf.interceptor.ts Normal file
View File

@@ -0,0 +1,30 @@
import { Injectable } from '@angular/core';
import {
HttpRequest,
HttpHandler,
HttpEvent,
HttpInterceptor
} from '@angular/common/http';
import { Observable } from 'rxjs';
import { CookieService } from 'ngx-cookie-service';
@Injectable()
export class CsrfInterceptor implements HttpInterceptor {
constructor(private cookieService: CookieService) {
}
intercept(request: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
let csrfToken = this.cookieService.get('csrftoken')
if (csrfToken) {
request = request.clone({
setHeaders: {
'X-CSRFToken': csrfToken
}
})
}
return next.handle(request);
}
}