add csrf token saving

This commit is contained in:
Arthur Lu 2022-12-15 23:15:52 -08:00
parent 2c7121d84a
commit b63a9b254f
2 changed files with 3 additions and 2 deletions

View File

@ -13,7 +13,7 @@ function init (){
try { try {
status.innerText = "Authenticating..."; status.innerText = "Authenticating...";
let ticket = await requestTicket(formData.get("username"), formData.get("password")); let ticket = await requestTicket(formData.get("username"), formData.get("password"));
setTicket(ticket.data.ticket); setTicket(ticket.data.ticket, ticket.data.CSRFPreventionToken);
window.location.href = "index.html"; window.location.href = "index.html";
} }
catch (error) { catch (error) {

View File

@ -18,10 +18,11 @@ export async function requestTicket (username, password) {
return response; return response;
} }
export function setTicket (ticket) { export function setTicket (ticket, csrf) {
let d = new Date(); let d = new Date();
d.setTime(d.getTime() + (2*60*60*1000)); d.setTime(d.getTime() + (2*60*60*1000));
document.cookie = `PVEAuthCookie=${ticket}; path=/; expires=${d.toUTCString()}; domain=.tronnet.net`; document.cookie = `PVEAuthCookie=${ticket}; path=/; expires=${d.toUTCString()}; domain=.tronnet.net`;
document.cookie = `CSRFPreventionToken=${csrf}; path=/; expires=${d.toUTCString()}; domain=.tronnet.net;`
} }
export async function request (path, method, body = null, auth = true) { export async function request (path, method, body = null, auth = true) {