Skip to content

Instantly share code, notes, and snippets.

@bowbahdoe
Last active October 11, 2017 16:15
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save bowbahdoe/d63d6468a20fcf289c278938de6fc7fa to your computer and use it in GitHub Desktop.
'use strict'
/*
This module contains all the code required for working with the swagger backend
*/
const Swagger = require('swagger-client')
const cookie = require('cookie')
const _ = require('lodash')
const CSRFTOKEN = cookie.parse(document.cookie).csrftoken
const SPEC_URL =
`${window.location.protocol}//${window.location.host}/docs?format=openapi`
/**
returns if the given httpMethod should send a csrftoken with the request
*/
function shouldSendCSRF(httpMethod) {
return !(['GET', 'HEAD', 'OPTIONS', 'TRACE'].includes(httpMethod))
}
/**
Mutates req to have an X-CSRFToken header with a value of csrftoken if the
method of req is an unsafe http method
*/
function attachCSRF(req, csrftoken) {
if(shouldSendCSRF(req.method)) {
req.headers['X-CSRFToken'] = csrftoken
}
return req
}
/**
returns a swagger client using the given swagger_spec that properly handles
passing a csrftoken
*/
async function makeSwaggerClient(swagger_spec, csrftoken) {
return Swagger({
url: `data:application/json,${swagger_spec}`,
requestInterceptor: req => attachCSRF(req, csrftoken)
})
}
/**
returns a Swagger client given the url for its spec and a csrftoken to attach
to unsafe requests
*/
async function getClientFromSpec(spec_url, csrftoken) {
let res = await fetch(spec_url)
let json = await res.json()
let spec = JSON.stringify(json)
return makeSwaggerClient(spec, csrftoken)
}
export
const getClient = _.memoize(async () => getClientFromSpec(SPEC_URL, CSRFTOKEN))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment