{"ast":null,"code":"var _jsxFileName = \"/home/jolvera/proj/next-csrf/example/pages/index.js\";\nimport React from \"react\";\nvar __jsx = React.createElement;\nimport Head from \"next/head\";\nimport styles from \"../styles/Home.module.css\";\nexport var __N_SSP = true;\nexport default function Home() {\n  // We send a request to setup the csrf token\n  // fetch(\"http://localhost:3000/api/csrf/setup\")\n  //   .then((response) => {\n  //     console.log(response);\n  //     if (response.ok) {\n  //       console.log(\"response ok\");\n  //       console.log(\"csrf token setup correctly\");\n  //       // console.log(\"cookies\", document.cookie);\n  //     }\n  //   })\n  //   .catch((error) => console.error(error));\n  var requestWithToken = function requestWithToken() {\n    return fetch(\"/api/protected\", {\n      method: \"post\"\n    }).then(function (response) {\n      if (response.ok) {\n        console.log(\"protected response ok\");\n        console.log(response);\n      }\n    })[\"catch\"](function (error) {\n      return console.error(error);\n    });\n  };\n\n  return __jsx(\"div\", {\n    className: styles.container,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 31,\n      columnNumber: 5\n    }\n  }, __jsx(Head, {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 32,\n      columnNumber: 7\n    }\n  }, __jsx(\"title\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 33,\n      columnNumber: 9\n    }\n  }, \"Create Next App\"), __jsx(\"link\", {\n    rel: \"icon\",\n    href: \"/favicon.ico\",\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 34,\n      columnNumber: 9\n    }\n  })), __jsx(\"main\", {\n    className: styles.main,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 37,\n      columnNumber: 7\n    }\n  }, __jsx(\"h1\", {\n    className: styles.title,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 38,\n      columnNumber: 9\n    }\n  }, \"Welcome to \", __jsx(\"a\", {\n    href: \"https://nextjs.org\",\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 39,\n      columnNumber: 22\n    }\n  }, \"Next.js!\")), __jsx(\"p\", {\n    className: styles.description,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 42,\n      columnNumber: 9\n    }\n  }, \"Get started by editing\", \" \", __jsx(\"code\", {\n    className: styles.code,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 44,\n      columnNumber: 11\n    }\n  }, \"pages/index.js\")), __jsx(\"div\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 47,\n      columnNumber: 9\n    }\n  }, __jsx(\"div\", {\n    className: styles.card,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 48,\n      columnNumber: 11\n    }\n  }, __jsx(\"h3\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 49,\n      columnNumber: 13\n    }\n  }, \"Send a request with a valid CSRF token\"), __jsx(\"p\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 51,\n      columnNumber: 13\n    }\n  }, \"Open the Web Console and click in the button below to see how a valid request works.\"), __jsx(\"button\", {\n    className: styles.button,\n    onClick: requestWithToken,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 56,\n      columnNumber: 13\n    }\n  }, \"With CSRF token\")), __jsx(\"div\", {\n    className: styles.card,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 61,\n      columnNumber: 11\n    }\n  }, __jsx(\"h3\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 62,\n      columnNumber: 13\n    }\n  }, \"Send a request without the CSRF token\"), __jsx(\"p\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 64,\n      columnNumber: 13\n    }\n  }, \"Because any request we send from the browser will have a cookie with the token attached, try to send a request from a terminal and see what happens with a missing or an invalid CSRF token.\"), __jsx(\"pre\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 70,\n      columnNumber: 13\n    }\n  }, __jsx(\"code\", {\n    className: styles.code,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 71,\n      columnNumber: 15\n    }\n  }, \"$ curl -X POST http://localhost:3000/api/protected\")), __jsx(\"pre\", {\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 76,\n      columnNumber: 13\n    }\n  }, __jsx(\"code\", {\n    className: styles.code,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 77,\n      columnNumber: 15\n    }\n  }, \">> {\\\"message\\\": \\\"Invalid CSRF token\\\"}\"))))), __jsx(\"footer\", {\n    className: styles.footer,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 85,\n      columnNumber: 7\n    }\n  }, __jsx(\"a\", {\n    href: \"https://vercel.com?utm_source=create-next-app&utm_medium=default-template&utm_campaign=create-next-app\",\n    target: \"_blank\",\n    rel: \"noopener noreferrer\",\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 86,\n      columnNumber: 9\n    }\n  }, \"Powered by\", \" \", __jsx(\"img\", {\n    src: \"/vercel.svg\",\n    alt: \"Vercel Logo\",\n    className: styles.logo,\n    __self: this,\n    __source: {\n      fileName: _jsxFileName,\n      lineNumber: 92,\n      columnNumber: 11\n    }\n  }))));\n}\n_c = Home;\n\nvar _c;\n\n$RefreshReg$(_c, \"Home\");","map":{"version":3,"sources":["/home/jolvera/proj/next-csrf/example/pages/index.js"],"names":["Head","styles","Home","requestWithToken","fetch","method","then","response","ok","console","log","error","container","main","title","description","code","card","button","footer","logo"],"mappings":";;;AAAA,OAAOA,IAAP,MAAiB,WAAjB;AACA,OAAOC,MAAP,MAAmB,2BAAnB;;AAGA,eAAe,SAASC,IAAT,GAAgB;AAC7B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,MAAMC,gBAAgB,GAAG,SAAnBA,gBAAmB;AAAA,WACvBC,KAAK,CAAC,gBAAD,EAAmB;AACtBC,MAAAA,MAAM,EAAE;AADc,KAAnB,CAAL,CAGGC,IAHH,CAGQ,UAACC,QAAD,EAAc;AAClB,UAAIA,QAAQ,CAACC,EAAb,EAAiB;AACfC,QAAAA,OAAO,CAACC,GAAR,CAAY,uBAAZ;AACAD,QAAAA,OAAO,CAACC,GAAR,CAAYH,QAAZ;AACD;AACF,KARH,WASS,UAACI,KAAD;AAAA,aAAWF,OAAO,CAACE,KAAR,CAAcA,KAAd,CAAX;AAAA,KATT,CADuB;AAAA,GAAzB;;AAYA,SACE;AAAK,IAAA,SAAS,EAAEV,MAAM,CAACW,SAAvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE,MAAC,IAAD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,uBADF,EAEE;AAAM,IAAA,GAAG,EAAC,MAAV;AAAiB,IAAA,IAAI,EAAC,cAAtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAFF,CADF,EAME;AAAM,IAAA,SAAS,EAAEX,MAAM,CAACY,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAI,IAAA,SAAS,EAAEZ,MAAM,CAACa,KAAtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBACa;AAAG,IAAA,IAAI,EAAC,oBAAR;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,gBADb,CADF,EAKE;AAAG,IAAA,SAAS,EAAEb,MAAM,CAACc,WAArB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,+BACyB,GADzB,EAEE;AAAM,IAAA,SAAS,EAAEd,MAAM,CAACe,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,sBAFF,CALF,EAUE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAK,IAAA,SAAS,EAAEf,MAAM,CAACgB,IAAvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,8CADF,EAGE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,4FAHF,EAQE;AAAQ,IAAA,SAAS,EAAEhB,MAAM,CAACiB,MAA1B;AAAkC,IAAA,OAAO,EAAEf,gBAA3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,uBARF,CADF,EAcE;AAAK,IAAA,SAAS,EAAEF,MAAM,CAACgB,IAAvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,6CADF,EAGE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oMAHF,EASE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAM,IAAA,SAAS,EAAEhB,MAAM,CAACe,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0DADF,CATF,EAeE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAM,IAAA,SAAS,EAAEf,MAAM,CAACe,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,gDADF,CAfF,CAdF,CAVF,CANF,EAsDE;AAAQ,IAAA,SAAS,EAAEf,MAAM,CAACkB,MAA1B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AACE,IAAA,IAAI,EAAC,wGADP;AAEE,IAAA,MAAM,EAAC,QAFT;AAGE,IAAA,GAAG,EAAC,qBAHN;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAKa,GALb,EAME;AAAK,IAAA,GAAG,EAAC,aAAT;AAAuB,IAAA,GAAG,EAAC,aAA3B;AAAyC,IAAA,SAAS,EAAElB,MAAM,CAACmB,IAA3D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IANF,CADF,CAtDF,CADF;AAmED;KA5FuBlB,I","sourcesContent":["import Head from \"next/head\";\nimport styles from \"../styles/Home.module.css\";\nimport { setup } from \"../lib/csrf\";\n\nexport default function Home() {\n  // We send a request to setup the csrf token\n  // fetch(\"http://localhost:3000/api/csrf/setup\")\n  //   .then((response) => {\n  //     console.log(response);\n  //     if (response.ok) {\n  //       console.log(\"response ok\");\n  //       console.log(\"csrf token setup correctly\");\n  //       // console.log(\"cookies\", document.cookie);\n  //     }\n  //   })\n  //   .catch((error) => console.error(error));\n\n  const requestWithToken = () =>\n    fetch(\"/api/protected\", {\n      method: \"post\",\n    })\n      .then((response) => {\n        if (response.ok) {\n          console.log(\"protected response ok\");\n          console.log(response);\n        }\n      })\n      .catch((error) => console.error(error));\n\n  return (\n    <div className={styles.container}>\n      <Head>\n        <title>Create Next App</title>\n        <link rel=\"icon\" href=\"/favicon.ico\" />\n      </Head>\n\n      <main className={styles.main}>\n        <h1 className={styles.title}>\n          Welcome to <a href=\"https://nextjs.org\">Next.js!</a>\n        </h1>\n\n        <p className={styles.description}>\n          Get started by editing{\" \"}\n          <code className={styles.code}>pages/index.js</code>\n        </p>\n\n        <div>\n          <div className={styles.card}>\n            <h3>Send a request with a valid CSRF token</h3>\n\n            <p>\n              Open the Web Console and click in the button below to see how a\n              valid request works.\n            </p>\n\n            <button className={styles.button} onClick={requestWithToken}>\n              With CSRF token\n            </button>\n          </div>\n\n          <div className={styles.card}>\n            <h3>Send a request without the CSRF token</h3>\n\n            <p>\n              Because any request we send from the browser will have a cookie\n              with the token attached, try to send a request from a terminal and\n              see what happens with a missing or an invalid CSRF token.\n            </p>\n\n            <pre>\n              <code className={styles.code}>\n                $ curl -X POST http://localhost:3000/api/protected\n              </code>\n            </pre>\n\n            <pre>\n              <code className={styles.code}>\n                {`>> {\"message\": \"Invalid CSRF token\"}`}\n              </code>\n            </pre>\n          </div>\n        </div>\n      </main>\n\n      <footer className={styles.footer}>\n        <a\n          href=\"https://vercel.com?utm_source=create-next-app&utm_medium=default-template&utm_campaign=create-next-app\"\n          target=\"_blank\"\n          rel=\"noopener noreferrer\"\n        >\n          Powered by{\" \"}\n          <img src=\"/vercel.svg\" alt=\"Vercel Logo\" className={styles.logo} />\n        </a>\n      </footer>\n    </div>\n  );\n}\n\nexport const getServerSideProps = setup(async () => {\n  return { props: {} };\n});\n"]},"metadata":{},"sourceType":"module"}