senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/apps/web/src/services
History
senke 6d59bb790b fix(csrf): add retry mechanism for 403 CSRF errors 
Added response interceptor to handle 403 errors caused by expired or
invalid CSRF tokens. When a mutation fails with 403, the interceptor:

1. Detects if error is CSRF-related (checks error message for csrf/token/forbidden)
2. Refreshes the CSRF token via csrfService.ensureToken()
3. Updates request headers with new token
4. Retries the request once

Features:
- Only retries once per request (via _csrfRetry flag)
- Skips retry for /csrf-token and /auth/* endpoints
- Logs all CSRF refresh attempts for debugging
- Falls through to original error if refresh fails
- Handles both error.error and error.message formats

TypeScript fixes:
- Cast originalRequest to any for _csrfRetry property
- Safely access error data with type checking

Impact: Eliminates 403 errors on POST/PUT/DELETE when CSRF token expires.
Users no longer need to manually refresh page to get new CSRF token.

Fixes: P1.3 from audit AUDIT_TEMP_29_01_2026.md
2026-01-29 23:18:08 +01:00
..
__tests__ incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
api fix(csrf): add retry mechanism for 403 CSRF errors 2026-01-29 23:18:08 +01:00
2fa-service.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
2fa-service.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
adminService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
adminService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
analyticsService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
analyticsService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
authService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
chatService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
chatService.ts aesthetic-improvements: reduce decorative cyan in education and services (80/20 rule, batch 14) 2026-01-16 11:34:18 +01:00
commerceService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
commerceService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
cookieService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
csrf.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
developerService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
developerService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
educationService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
educationService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
gamificationService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
gamificationService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
gearService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
gearService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
groupService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
groupService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
marketplaceService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
marketplaceService.ts fix: Corriger URL Swagger et finaliser implémentation DeveloperPage 2026-01-18 13:55:28 +01:00
offlineQueue.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
offlineQueue.ts stabilized but still broken MVP VERSION 2026-01-18 16:28:22 +01:00
playlistService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
playlistService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
productService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
projectService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
projectService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
pwa.ts fix: Corriger URL Swagger et finaliser implémentation DeveloperPage 2026-01-18 13:55:28 +01:00
requestDeduplication.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
requestDeduplication.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
responseCache.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
responseCache.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
roleService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
searchService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
searchService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
sessionService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
sessionService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
socialService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
socialService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
storageService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
storageService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
tokenRefresh.test.ts refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
tokenRefresh.ts fix: Corriger URL Swagger et finaliser implémentation DeveloperPage 2026-01-18 13:55:28 +01:00
tokenStorage.test.ts chore: remove production logs in services 2026-01-07 10:33:52 +01:00
tokenStorage.ts security: migrate access token to httpOnly cookie (Actions 5.1.1.1-5.1.1.3) 2026-01-16 01:03:23 +01:00
trackService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
uploadService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
uploadService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
userService.test.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
userService.ts incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
webhookService.ts improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
websocket.ts fix: Corriger URL Swagger et finaliser implémentation DeveloperPage 2026-01-18 13:55:28 +01:00