Refactor code to update client's CSRF token endpoint

takoserver · Jul 15, 2024 · dd542d4 · dd542d4
1 parent 3a14c5f
commit dd542d4
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/islands/setup.tsx b/islands/setup.tsx
@@ -26,7 +26,7 @@ function setup() {
               ReqFormData.append("nickName", nickName);
               ReqFormData.append("age", age);
               ReqFormData.append("icon", icon);
-              const csrftokenReq = await fetch("/api/v2/client/sessions/csrf", {
+              const csrftokenReq = await fetch("/api/v2/client/csrftoken", {
                 method: "GET",
               });
               const csrftoken = await csrftokenReq.json();

diff --git a/routes/api/v2/client/csrftoken.ts b/routes/api/v2/client/csrftoken.ts
@@ -5,8 +5,11 @@ import csrfToken from "../../../../models/csrftoken.ts";
 import { getCookies } from "$std/http/cookie.ts";
 export const handler = {
   async GET(req: Request, ctx: any) {
-    if (!ctx.state.data.loggedIn) {
-      return ctx.json({ status: false, message: "You are not logged in" });
+    if (!ctx.state.data.loggedIn && ctx.state.data.isSetUp === false) {
+      return new Response(
+        JSON.stringify({ status: false, message: "You are not logged in" }),
+        { status: 401, headers: { "Content-Type": "application/json" } },
+      );
     }
     const array = new Uint8Array(64);
     crypto.getRandomValues(array);