Global csrf token check #1634
-
Hi, I'd like to implement a global csrf check for every handler in my MSW configuration.
I'm guessing the correct way to do this is via a response composition, but a bit confused as to how to implement. Are there any code examples out there for this? Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
Hi, @mauriceoc. It should be enough to prepend a less specific request handler to capture all requests and implement that CRSF validation token in it: // mocks/handlers.js
import { rest } from 'msw'
export const handlers = [
rest.all('*', (req, res, ctx) => {
// If the token is valid, proceed with the request.
// Just returning undefined from the handler will instruct MSW
// to fallthrough, looking for any other matching handlers.
if (validateCrsfToken(req)) {
return
}
// If the token validation failed, respond with a mock 401 response.
return res(ctx.status(401))
}),
// ...other handlers.
] There are, of course, multiple ways of doing this in case this particular suggestion doesn't suit your needs. You can introduce a higher-order resolver, adding that validation logic there, as an example. But I'd recommend going with the simplest approach. Also, on a related note, I highly recommend updating to |
Beta Was this translation helpful? Give feedback.
Hi, @mauriceoc.
It should be enough to prepend a less specific request handler to capture all requests and implement that CRSF validation token in it:
There are, of course, multiple ways of doing this in ca…