revert!: fetching sanctum csrf cookie automatically

Author: alexzarbn

src/httpClient.ts

@@ -1,15 +1,11 @@
 import {HttpMethod} from './drivers/default/enums/httpMethod';
 import {Orion} from './orion';
 import {AxiosInstance, AxiosRequestConfig, AxiosResponse} from 'axios';
-import {AuthDriver} from "./drivers/default/enums/authDriver";
 
 export class HttpClient {
-	protected static csrfTokenFetched = false;
-
-	constructor(protected baseUrl: string, protected client: AxiosInstance, protected authDriver: AuthDriver) {
+	constructor(protected baseUrl: string, protected client: AxiosInstance) {
 		this.baseUrl = baseUrl;
 		this.client = client;
-		this.authDriver = authDriver;
 	}
 
 	public async request<Response extends Record<string, unknown>>(
@@ -27,10 +23,6 @@ export class HttpClient {
 
 		if (method !== HttpMethod.GET) {
 			config.data = data;
-
-			if (!HttpClient.csrfTokenFetched && this.authDriver === AuthDriver.Sanctum) {
-				await this.fetchCsrfToken();
-			}
 		}
 
 		return this.client.request<Response>(config);
@@ -60,44 +52,6 @@ export class HttpClient {
 		)
 	}
 
-	public async fetchCsrfToken(): Promise<void> {
-		if (this.authDriver !== AuthDriver.Sanctum) {
-			throw new Error(
-				`Current auth driver is set to "${this.authDriver}". Fetching CSRF cookie can only be used with "sanctum" driver.`
-			);
-		}
-
-		let response = null;
-
-		try {
-			response = await this
-				.getAxios()
-				.get(`sanctum/csrf-cookie`, {baseURL: Orion.getBaseUrl()});
-		} catch (error) {
-			throw new Error(
-				`Unable to retrieve XSRF token cookie due to network error. Please ensure that SANCTUM_STATEFUL_DOMAINS and SESSION_DOMAIN environment variables are configured correctly on the API side.`
-			);
-		}
-
-		const xsrfTokenPresent =
-			document.cookie
-				.split(';')
-				.filter((cookie: string) =>
-					cookie.includes(this.getAxios().defaults.xsrfCookieName || 'XSRF-TOKEN')
-				).length > 0;
-
-		if (!xsrfTokenPresent) {
-			console.log(`Response status: ${response.status}`);
-			console.log(`Response headers:`);
-			console.log(response.headers);
-			console.log(`Cookies: ${document.cookie}`);
-
-			throw new Error(
-				`XSRF token cookie is missing in the response. Please ensure that SANCTUM_STATEFUL_DOMAINS and SESSION_DOMAIN environment variables are configured correctly on the API side.`
-			);
-		}
-	}
-
 	public getAxios(): AxiosInstance {
 		return this.client;
 	}

src/orion.ts

@@ -94,7 +94,7 @@ export class Orion {
 			baseUrl = withPrefix ? Orion.getApiUrl() : Orion.getBaseUrl()
 		}
 
-		return new HttpClient(baseUrl, client, this.getAuthDriver());
+		return new HttpClient(baseUrl, client);
 	}
 
 	public static makeHttpClientUsing(callback: () => AxiosInstance): Orion {
@@ -116,4 +116,43 @@ export class Orion {
 
 		return config;
 	}
+
+	public static async csrf(): Promise<void> {
+		if (this.authDriver !== AuthDriver.Sanctum) {
+			throw new Error(
+				`Current auth driver is set to "${this.authDriver}". Fetching CSRF cookie can only be used with "sanctum" driver.`
+			);
+		}
+
+		const httpClient = Orion.makeHttpClient();
+		let response = null;
+
+		try {
+			response = await httpClient
+				.getAxios()
+				.get(`sanctum/csrf-cookie`, { baseURL: Orion.getBaseUrl() });
+		} catch (error) {
+			throw new Error(
+				`Unable to retrieve XSRF token cookie due to network error. Please ensure that SANCTUM_STATEFUL_DOMAINS and SESSION_DOMAIN environment variables are configured correctly on the API side.`
+			);
+		}
+
+		const xsrfTokenPresent =
+			document.cookie
+				.split(';')
+				.filter((cookie: string) =>
+					cookie.includes(httpClient.getAxios().defaults.xsrfCookieName || 'XSRF-TOKEN')
+				).length > 0;
+
+		if (!xsrfTokenPresent) {
+			console.log(`Response status: ${response.status}`);
+			console.log(`Response headers:`);
+			console.log(response.headers);
+			console.log(`Cookies: ${document.cookie}`);
+
+			throw new Error(
+				`XSRF token cookie is missing in the response. Please ensure that SANCTUM_STATEFUL_DOMAINS and SESSION_DOMAIN environment variables are configured correctly on the API side.`
+			);
+		}
+	}
 }

tests/integration/httpClient.test.ts

@@ -1,7 +1,6 @@
 import { Orion } from '../../src/orion';
 import makeServer from './drivers/default/server';
 import { HttpMethod } from '../../src/drivers/default/enums/httpMethod';
-import {AuthDriver} from "../../src/drivers/default/enums/authDriver";
 
 let server: any;
 
@@ -23,29 +22,4 @@ describe('HttpClient tests', () => {
 		const requests = server.pretender.handledRequests;
 		expect(requests[0].requestHeaders['Authorization']).toStrictEqual('Bearer test');
 	});
-
-	test('retrieving csrf cookie', async () => {
-		Orion.setAuthDriver(AuthDriver.Sanctum);
-
-		await Orion.makeHttpClient().fetchCsrfToken();
-
-		const requests = server.pretender.handledRequests;
-		expect(requests[0].url).toBe('https://api-mock.test/sanctum/csrf-cookie');
-	});
-
-	test('attempting to fetch csrf cookie with invalid driver', async () => {
-		Orion.setAuthDriver(AuthDriver.Passport);
-
-		try {
-			await Orion.makeHttpClient().fetchCsrfToken();
-			expect(false).toBeTruthy();
-		} catch (error) {
-			expect(error.message).toBe(
-				`Current auth driver is set to "${AuthDriver.Passport}". Fetching CSRF cookie can only be used with "sanctum" driver.`
-			);
-		}
-
-		const requests = server.pretender.handledRequests;
-		expect(requests).toHaveLength(0);
-	});
 });

tests/integration/orion.test.ts

@@ -0,0 +1,40 @@
+import { Orion } from '../../src/orion';
+import { AuthDriver } from '../../src/drivers/default/enums/authDriver';
+import makeServer from './drivers/default/server';
+
+let server: any;
+
+beforeEach(() => {
+	server = makeServer();
+});
+
+afterEach(() => {
+	server.shutdown();
+});
+
+describe('Orion tests', () => {
+	test('retrieving csrf cookie', async () => {
+		Orion.setAuthDriver(AuthDriver.Sanctum);
+
+		await Orion.csrf();
+
+		const requests = server.pretender.handledRequests;
+		expect(requests[0].url).toBe('https://api-mock.test/sanctum/csrf-cookie');
+	});
+
+	test('attempting to fetch csrf cookie with invalid driver', async () => {
+		Orion.setAuthDriver(AuthDriver.Passport);
+
+		try {
+			await Orion.csrf();
+			expect(false).toBeTruthy();
+		} catch (error) {
+			expect(error.message).toBe(
+				`Current auth driver is set to "${AuthDriver.Passport}". Fetching CSRF cookie can only be used with "sanctum" driver.`
+			);
+		}
+
+		const requests = server.pretender.handledRequests;
+		expect(requests).toHaveLength(0);
+	});
+});