From 8e1d6fee54221af8463fd97b24edcb69aa5fbaee Mon Sep 17 00:00:00 2001
From: Ben Wheeler
Date: Mon, 7 Jan 2019 11:29:14 -0500
Subject: [PATCH] love and favorite proxy, and use x-requested-with header

---
 src/lib/api.js | 2 +-
 src/redux/preview.js | 90 ++++++++++++++++++++++++++++++
 src/views/preview/project-view.jsx | 4 +-
 3 files changed, 93 insertions(+), 3 deletions(-)

diff --git a/src/lib/api.js b/src/lib/api.js
index c226d7929..88b806f32 100644
--- a/src/lib/api.js
+++ b/src/lib/api.js
@@ -12,7 +12,7 @@ const urlParams = require('./url-params');
 * CSRF forgeries (see: https://www.squarefree.com/securitytips/web-developers.html#CSRF)
 *
 * It also takes in other arguments specified in the xhr library spec.
- *
+ *
 * @param {object} opts optional xhr args (see above)
 * @param {Function} callback [description]
 */
diff --git a/src/redux/preview.js b/src/redux/preview.js
index 9cc1f1a42..24b746ca0 100644
--- a/src/redux/preview.js
+++ b/src/redux/preview.js
@@ -574,6 +574,51 @@ module.exports.setFavedStatus = (faved, id, username, token) => (dispatch => {
 }
 });
 
+module.exports.setFavedStatusViaProxy = (faved, id, username, token) => (dispatch => {
+ dispatch(module.exports.setFetchStatus('faved', module.exports.Status.FETCHING));
+ if (faved) {
+ api({
+ uri: `/proxy/projects/${id}/favorites/user/${username}`,
+ authentication: token,
+ withCredentials: true,
+ method: 'POST',
+ useCsrf: true,
+ headers: {'X-Requested-With': 'XMLHttpRequest'}
+ }, (err, body, res) => {
+ if (err || res.statusCode !== 200) {
+ dispatch(module.exports.setError(err));
+ return;
+ }
+ if (typeof body === 'undefined') {
+ dispatch(module.exports.setError('Set favorites returned no data'));
+ return;
+ }
+ dispatch(module.exports.setFetchStatus('faved', module.exports.Status.FETCHED));
+ dispatch(module.exports.setFaved(body.userFavorite));
+ });
+ } else {
+ api({
+ uri: `/proxy/projects/${id}/favorites/user/${username}`,
+ authentication: token,
+ withCredentials: true,
+ method: 'DELETE',
+ useCsrf: true,
+ headers: {'X-Requested-With': 'XMLHttpRequest'}
+ }, (err, body, res) => {
+ if (err || res.statusCode !== 200) {
+ dispatch(module.exports.setError(err));
+ return;
+ }
+ if (typeof body === 'undefined') {
+ dispatch(module.exports.setError('Set favorites returned no data'));
+ return;
+ }
+ dispatch(module.exports.setFetchStatus('faved', module.exports.Status.FETCHED));
+ dispatch(module.exports.setFaved(false));
+ });
+ }
+});
+
 module.exports.getLovedStatus = (id, username, token) => (dispatch => {
 dispatch(module.exports.setFetchStatus('loved', module.exports.Status.FETCHING));
 api({
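Review bot: Both `uri` templates in setFavedStatusViaProxy interpolate `id` and `username` into the path unencoded, and the two templates of setLovedStatusViaProxy in the next hunk do the same. These are credentialed POST/DELETE requests sent with `useCsrf: true`, so a value containing `/`, `..`, `?` or `#` would direct an authenticated state-changing request to a different path than intended; the hunk does not show whether either value is validated upstream. Encoding each segment keeps the request on the intended route: `` uri: `/proxy/projects/${encodeURIComponent(id)}/favorites/user/${encodeURIComponent(username)}`, ``. The `X-Requested-With` header only helps against cross-site requests if the proxy rejects requests that lack it, which is worth stating in a comment above the `headers` line.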
@@ -634,6 +679,51 @@ module.exports.setLovedStatus = (loved, id, username, token) => (dispatch => {
 }
 });
 
+module.exports.setLovedStatusViaProxy = (loved, id, username, token) => (dispatch => {
+ dispatch(module.exports.setFetchStatus('loved', module.exports.Status.FETCHING));
+ if (loved) {
+ api({
+ uri: `/proxy/projects/${id}/loves/user/${username}`,
+ authentication: token,
+ withCredentials: true,
+ method: 'POST',
+ useCsrf: true,
+ headers: {'X-Requested-With': 'XMLHttpRequest'}
+ }, (err, body, res) => {
+ if (err || res.statusCode !== 200) {
+ dispatch(module.exports.setError(err));
+ return;
+ }
+ if (typeof body === 'undefined') {
+ dispatch(module.exports.setError('Set loved returned no data'));
+ return;
+ }
+ dispatch(module.exports.setFetchStatus('loved', module.exports.Status.FETCHED));
+ dispatch(module.exports.setLoved(body.userLove));
+ });
+ } else {
+ api({
+ uri: `/proxy/projects/${id}/loves/user/${username}`,
+ authentication: token,
+ withCredentials: true,
+ method: 'DELETE',
+ useCsrf: true,
+ headers: {'X-Requested-With': 'XMLHttpRequest'}
+ }, (err, body, res) => {
+ if (err || res.statusCode !== 200) {
+ dispatch(module.exports.setError(err));
+ return;
+ }
+ if (typeof body === 'undefined') {
+ dispatch(module.exports.setError('Set loved returned no data'));
+ return;
+ }
+ dispatch(module.exports.setFetchStatus('loved', module.exports.Status.FETCHED));
+ dispatch(module.exports.setLoved(body.userLove));
+ });
+ }
+});
+
 module.exports.getRemixes = id => (dispatch => {
 dispatch(module.exports.setFetchStatus('remixes', module.exports.Status.FETCHING));
 api({
diff --git a/src/views/preview/project-view.jsx b/src/views/preview/project-view.jsx
index 5492d9da0..b083d1927 100644
--- a/src/views/preview/project-view.jsx
+++ b/src/views/preview/project-view.jsx
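Review bot: The DELETE callback of setLovedStatusViaProxy dispatches `setLoved(body.userLove)`, where the matching branch of setFavedStatusViaProxy dispatches `setFaved(false)`, and the only guard on `body` is `typeof body === 'undefined'`. A `null` body would throw on the property read, and a string body (for example an error page from the proxy, if the response is not parsed as JSON) would store `undefined` as the loved state. Consider `if (!body || typeof body !== 'object') {` for the guard and, if removing a love can never leave the project loved, `dispatch(module.exports.setLoved(false));` in the DELETE branch. In all four callbacks across both functions, a non-200 response with no transport error reaches `setError(err)` with a falsy `err`, so a rejection by the proxy loses its reason; `` setError(err || `status ${res.statusCode}`) `` would keep it.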
@@ -948,7 +948,7 @@ const mapDispatchToProps = dispatch => ({
 dispatch(previewActions.getFavedStatus(id, username, token));
 },
 setFavedStatus: (faved, id, username, token) => {
- dispatch(previewActions.setFavedStatus(faved, id, username, token));
+ dispatch(previewActions.setFavedStatusViaProxy(faved, id, username, token));
 },
 getLovedStatus: (id, username, token) => {
 dispatch(previewActions.getLovedStatus(id, username, token));
@@ -957,7 +957,7 @@ const mapDispatchToProps = dispatch => ({
 dispatch(previewActions.logProjectView(id, authorUsername, token));
 },
 setLovedStatus: (loved, id, username, token) => {
- dispatch(previewActions.setLovedStatus(loved, id, username, token));
+ dispatch(previewActions.setLovedStatusViaProxy(loved, id, username, token));
 },
 shareProject: (id, token) => {
 dispatch(previewActions.shareProject(id, token));