CSRF refresh fixes

2024-08-14 13:03:50 +02:00 · 2024-08-14 13:03:50 +02:00 · f0e8e20c24
commit f0e8e20c24
parent a8dc0b3647
15 changed files with 12111 additions and 51665 deletions
--- a/apps/link/app/_lib/authentication.ts
+++ b/apps/link/app/_lib/authentication.ts
@ -123,7 +123,7 @@ export const authOptions: NextAuthOptions = {
      }

      if (session && trigger === "update") {
-        token.zammadCsrfToken = session.csrfToken;
+        token.zammadCsrfToken = session.zammadCsrfToken;
      }
      return token;
    },
--- a/apps/link/app/_lib/zammad.ts
+++ b/apps/link/app/_lib/zammad.ts
@ -10,6 +10,7 @@ const getHeaders = async () => {
    Accept: "application/json",
    // @ts-ignore
    "X-CSRF-Token": session.user.zammadCsrfToken,
+    "X-Browser-Fingerprint": `${session.expires}`,
    Cookie: allCookies
      .map((cookie: any) => `${cookie.name}=${cookie.value}`)
      .join("; "),