ember-data-sails icon indicating copy to clipboard operation
ember-data-sails copied to clipboard

Published 20 hours ago verified publisher icon huafu

CSRF mismatch when sails restarted

Open shopapps opened this issue 9 years ago • 3 comments

Hi,

Is there an easy way for me to fix the issue where if I restart my sails server, then the Ember App reconnects the socket ok, however it does not refresh the CSRF token and so when i try and save a record I get an error Code 403 - CSRF mismatch from the sails server.

I tried inserting

this.set('csrfToken', false);

into line 380 of services/sails-socket.js but it did not seem to help me.. anyone else come across this issue before?

thanks.

Paul.

shopapps avatar Aug 03 '15 11:08 shopapps

Has anyone else experienced this or found a workaround at all? - thanks.

shopapps avatar Sep 16 '15 09:09 shopapps

As a workaround until I have time to work on this, you can call adapter.fetchCSRFToken(true) which is a promise.

(pm: sorry to answer that late, so so busy lately)

huafu avatar Oct 02 '15 03:10 huafu

That's no problem, thanks for your help.

Actually as an FYI, I did some more googling and discovered that by changing the session store in my sailsjs api (from internal memory to mongo in my case, but I assume redis would be the same), then the client side stored CSRF token is still 'valid' after a restart of the API.

So this masks/resolves the issue for me, but am still not sure if its a ember-data-sails problem or a sailsjs configuration issue.

shopapps avatar Oct 02 '15 08:10 shopapps