Add basic hardening for auth and download paths
This commit is contained in:
@@ -1,15 +1,20 @@
|
||||
import {ApplicationConfig, importProvidersFrom, provideZoneChangeDetection} from '@angular/core';
|
||||
import {
|
||||
ApplicationConfig,
|
||||
importProvidersFrom,
|
||||
provideZoneChangeDetection,
|
||||
} from '@angular/core';
|
||||
import { provideRouter } from '@angular/router';
|
||||
|
||||
import { routes } from './app.routes';
|
||||
import {provideHttpClient} from "@angular/common/http";
|
||||
import {SocketIoModule} from "ngx-socket-io";
|
||||
import { provideHttpClient, withInterceptors } from '@angular/common/http';
|
||||
import { SocketIoModule } from 'ngx-socket-io';
|
||||
import { authTokenInterceptor } from './services/auth-token.interceptor';
|
||||
|
||||
export const appConfig: ApplicationConfig = {
|
||||
providers: [
|
||||
provideZoneChangeDetection({ eventCoalescing: true }),
|
||||
provideRouter(routes),
|
||||
provideHttpClient(),
|
||||
importProvidersFrom(SocketIoModule.forRoot({url: ''}))
|
||||
provideHttpClient(withInterceptors([authTokenInterceptor])),
|
||||
importProvidersFrom(SocketIoModule.forRoot({ url: '' })),
|
||||
],
|
||||
};
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
import { HttpInterceptorFn } from '@angular/common/http';
|
||||
|
||||
const TOKEN_STORAGE_KEY = 'spooty_auth_token';
|
||||
|
||||
export const authTokenInterceptor: HttpInterceptorFn = (req, next) => {
|
||||
const token = localStorage.getItem(TOKEN_STORAGE_KEY);
|
||||
|
||||
if (!token) {
|
||||
return next(req);
|
||||
}
|
||||
|
||||
return next(
|
||||
req.clone({
|
||||
setHeaders: {
|
||||
'x-spooty-token': token,
|
||||
},
|
||||
}),
|
||||
);
|
||||
};
|
||||
Reference in New Issue
Block a user