lib/super_settings/application/api.js in super_settings-0.0.0.rc1 vs lib/super_settings/application/api.js in super_settings-0.0.1.rc1
- old
+ new
@@ -34,11 +34,16 @@
method = (options.method || "get");
params = options.params
let queryParams = null;
const fetchOptions = {credentials: "same-origin"};
- const headers = Object.assign({"Accept": "application/json"}, SuperSettingsAPI.headers);
+ const accessToken = window.sessionStorage.getItem("super_settings_access_token");
+ const headers = {"Accept": "application/json"};
+ if (accessToken) {
+ headers["Authorization"] = "Bearer " + accessToken;
+ }
+ Object.assign(headers, SuperSettingsAPI.headers);
if (method === "POST") {
queryParams = Object.assign({}, SuperSettingsAPI.queryParams);
csrfParam = document.querySelector("meta[name=csrf-param]");
csrfToken = document.querySelector("meta[name=csrf-token]");
if (csrfParam && csrfToken) {
@@ -57,9 +62,11 @@
fetch(url, fetchOptions)
.then(
function(response) {
if (response.ok) {
return response.json();
+ } else if ((response.status === 401 || response.status === 403) && SuperSettingsAPI.authenticationUrl) {
+ window.location = SuperSettingsAPI.authenticationUrl;
} else {
throw( response.status + response.statusText)
}
}
).then(