Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- const express = require('express');
- const cookieParser = require('cookie-parser');
- const bodyParser = require('body-parser');
- const path = require('path');
- const http = require('http');
- const csurf = require('csurf');
- const app = express();
- const csrfProtection = csurf({
- cookie: {
- key: 'XSRF-TOKEN',
- path: '/'
- }
- });
- // Parser
- app.use(cookieParser());
- app.use(bodyParser.urlencoded({
- extended: false
- }));
- // Angular DIST output folder
- app.use(express.static(path.join(__dirname, 'dist')));
- // API location
- app.use('/api', csrfProtection, bodyParser.json(), api);
- // Send all other requests to the Angular app
- app.get('*', csrfProtection, (req, res) => {
- const cookie = req.csrfToken();
- console.log("COOKIE", cookie);
- res.cookie('XSRF-TOKEN', cookie);
- res.sendFile(path.join(__dirname, 'dist/index.html'));
- });
- // Set port
- const port = process.env.PORT || 3000;
- app.set('port', port);
- const server = http.createServer(app);
- server.listen(port, () => console.log(`Running on localhost:${port}`));
- import { Injectable } from '@angular/core';
- import { Http, Response, Headers } from '@angular/http';
- import 'rxjs/add/operator/toPromise';
- import 'rxjs/add/operator/map';
- import { AppService } from '../../shared/services';
- @Injectable()
- export class LoginService {
- constructor(private http: Http) { }
- login(cred: any): Promise<Response> {
- const HEADERS = new Headers();
- const csrfCookie = AppService.getCookie('XSRF-TOKEN');
- console.log(csrfCookie);
- if (csrfCookie) {
- HEADERS.append('csrf-token', csrfCookie);
- }
- console.log(HEADERS);
- return this.http.post('/api/login', JSON.stringify(cred), { headers: HEADERS })
- .map(res => res.json()).toPromise();
- }
- }
Add Comment
Please, Sign In to add comment
