1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 | const TOKEN_COOKIE_NAME = 'ckCsrfToken';
|
13 | const TOKEN_LENGTH = 40;
|
14 | const tokenCharset = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
15 |
|
16 |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 | export function getCsrfToken() {
|
24 | let token = getCookie( TOKEN_COOKIE_NAME );
|
25 |
|
26 | if ( !token || token.length != TOKEN_LENGTH ) {
|
27 | token = generateToken( TOKEN_LENGTH );
|
28 | setCookie( TOKEN_COOKIE_NAME, token );
|
29 | }
|
30 |
|
31 | return token;
|
32 | }
|
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
|
40 | export function getCookie( name ) {
|
41 | name = name.toLowerCase();
|
42 | const parts = document.cookie.split( ';' );
|
43 |
|
44 | for ( const part of parts ) {
|
45 | const pair = part.split( '=' );
|
46 | const key = decodeURIComponent( pair[ 0 ].trim().toLowerCase() );
|
47 |
|
48 | if ( key === name ) {
|
49 | return decodeURIComponent( pair[ 1 ] );
|
50 | }
|
51 | }
|
52 |
|
53 | return null;
|
54 | }
|
55 |
|
56 |
|
57 |
|
58 |
|
59 |
|
60 |
|
61 |
|
62 | export function setCookie( name, value ) {
|
63 | document.cookie = encodeURIComponent( name ) + '=' + encodeURIComponent( value ) + ';path=/';
|
64 | }
|
65 |
|
66 |
|
67 |
|
68 |
|
69 |
|
70 |
|
71 | function generateToken( length ) {
|
72 | let result = '';
|
73 | const randValues = new Uint8Array( length );
|
74 |
|
75 | window.crypto.getRandomValues( randValues );
|
76 |
|
77 | for ( let j = 0; j < randValues.length; j++ ) {
|
78 | const character = tokenCharset.charAt( randValues[ j ] % tokenCharset.length );
|
79 | result += Math.random() > 0.5 ? character.toUpperCase() : character;
|
80 | }
|
81 |
|
82 | return result;
|
83 | }
|