How to handle CSRF tokens with React Relay
I am busy working on a React Native app which talks to a GraphQL api off a Django server.
In React Native I am using React Relay to try and process my GraphQL requests (following the guide found here) but I am having 403 issues with my requests.
The response says CSRF token missing or incorrect and Im trying to figure out the best way to get this working.
I understand that I need to get a CSRF cookie token first then somehow pass that along with my GraphQL Post request but not having much luck. My current implementation of this is as follows...
fetch('http://' + ip + ':8000/sign-in/')
.then((response) => {
const cookieHeader = response.headers.map["set-cookie"]; // This gets me a cookie response with a CSRF token
fetch('http://' + ip + ':8000/graphql', {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Cookie': cookieHeader, // Try and pass the received cookie to my POST
'XSRF-TOKEN': cookieHeader // Trying this as well
},
body: JSON.stringify({
query: operation.text,
variables,
}),
}).then(response => {
console.log('RESPONSE', response) // Currently getting a 403
return response.json()
})
})
But this still gets me a 403 error.
I can't seem to find much more information on how to approach this. Can anybody tell where I'm going wrong, or some suggestions on how to otherwise approach this?
(below is a snapshot of my API requests)
So managed to get it working with the following...
return getCsrfToken().then(csrfToken => {
if (csrfToken == null) {
console.log('CSRF NOT SET')
}
const url = 'http://' + ip + '/graphql'
return fetch(url, {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRFToken': csrfToken
},
body: JSON.stringify({
query: operation.text,
variables,
}),
})
.then(response => {
return response.json()
})
.catch(error => {
console.log('POST ERROR', error)
})
});
function getCsrfToken() {
var url = 'http://' + ip + '/graphql';
return CookieManager.get(url).then(response => {
return response.csrftoken;
});
}
- rintrojs only shows first dialog in Safari
- Automatically read a column of lowercases True and False as logical
- How do I add counts to a stacked bar graph?
- Counting the number of rows between each pair of months?
- How to create a conditional panel using a reactive object that is passed from another module?
- Plot multiple normalized stock charts from different dates into a single plot
- Select columns based on string match - dplyr::select
- Looking for a more efficient way to replace matrix elements
- modelsummary modelplot: change linewidth
- custom R function with group argument does not work while using the filter
- ggsurvplot function, risk table alignment problem
- plot running average in ggplot2
- Calling variable in df within function
- How to find position of running minimum (runMin) in a vector in R?
- Using httr2::last_response() in conjunction with purrr::possibly()
- Cropping a raster using terra does not return the expected extent
- Can janitor::clean_names be used on only certain columns in a data frame?
- Efficient way of row binding time series in a data.table, with correctly sorted timestamps
- Defining optional arguments in R when more complex function
- Can I change the cursor in plotly only when hovering over points?
- Issue Loading RStoolbox: "Cannot find proj.db" Error
- Filter CSV files for specific value before importing
- Matching the same lines from 2 different files and 2 columns
- Conditional coloring and outer borders in pdf KableExtra table in R
- How can I use observe
- Posterior predictive check for GAM (mgcv in R)
- Embed images in plotly tick labels
- Product of two beta distributions
- R: how to include a character between two repeted items in R?
- Categorizing data from 7 columns into 2