Sha256: 570c8c7afbff16c717f712f57404d833e0a33d1179a2f7b174292b0f5ceaf4f6

Contents?: true

Size: 1011 Bytes

Versions: 2

Compression:

Stored size: 1011 Bytes

Contents

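# Controller concern that exposes the Rails CSRF token through a cookie and
# accepts it back through a request header (the XSRF-TOKEN cookie /
# X-XSRF-TOKEN header pairing used by Angular's HTTP client).
module AngularRailsCsrf
  module Concern
    extend ActiveSupport::Concern

    included do
      # Re-issue the token cookie after every action of the including controller.
      after_action :set_xsrf_token_cookie
    end

    # Writes the current authenticity token into the 'XSRF-TOKEN' cookie.
    #
    # Does nothing when forgery protection is disabled or when the controller
    # class opted out via +exclude_xsrf_token_cookie+.
    #
    # The cookie domain is taken from +config.angular_rails_csrf_domain+ when
    # the application defines that setting; otherwise no domain is passed.
    def set_xsrf_token_cookie
      return unless protect_against_forgery?
      # respond_to? without the second argument only sees public methods,
      # which is how the opt-out marker below is defined.
      return if respond_to?(:__exclude_xsrf_token_cookie?)

      config = Rails.application.config
      domain = config.angular_rails_csrf_domain if config.respond_to?(:angular_rails_csrf_domain)

      # Only value and domain are set here; secure / httponly / same_site are
      # left at the framework defaults. The cookie has to remain readable by
      # client script so it can be echoed in the header, so httponly is not
      # an option.
      # NOTE(review): a broad +domain+ widens which hosts can read and
      # overwrite this cookie; consider Secure and SameSite on HTTPS-only
      # deployments.
      cookies['XSRF-TOKEN'] = { value: form_authenticity_token, domain: domain }
    end

    # Extends the framework's request verification: a request is also accepted
    # when its 'X-XSRF-TOKEN' header carries a valid authenticity token.
    #
    # @return [Boolean, Object] truthy when the request passes CSRF verification
    def verified_request?
      verified = super
      return verified if verified

      header_token = request.headers['X-XSRF-TOKEN']

      if respond_to?(:valid_authenticity_token?, true)
        # Preferred path: let the framework validate the submitted token.
        valid_authenticity_token?(session, header_token)
      else
        # Fallback path: compare the raw token ourselves. Use a constant-time
        # comparison so response timing does not reveal how many leading
        # characters of a guessed token were correct; `==` returns at the
        # first mismatching byte. A missing or non-String header is rejected
        # up front because secure_compare expects two strings.
        header_token.is_a?(String) &&
          Rack::Utils.secure_compare(form_authenticity_token, header_token)
      end
    end

    module ClassMethods
      # Opts the calling controller class out of the XSRF-TOKEN cookie by
      # defining a marker method that +set_xsrf_token_cookie+ checks for.
      #
      # NOTE(review): the marker is a public instance method on the
      # controller; confirm the application's routes cannot dispatch to it as
      # an action.
      def exclude_xsrf_token_cookie
        self.class_eval do
          def __exclude_xsrf_token_cookie?
            true
          end
        end
      end
    end
  end
end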

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
angular_rails_csrf-3.1.0 lib/angular_rails_csrf/concern.rb
angular_rails_csrf-3.0.0 lib/angular_rails_csrf/concern.rb