Merge pull request #70 from amhsirak/develop

feat: remove csrf protection
2024-10-12 22:48:48 +05:30
parent 44fd39bb2f d2a9927e5b
commit bb61212caf
2 changed files with 10 additions and 31 deletions
--- a/server/src/server.ts
+++ b/server/src/server.ts
@@ -16,8 +16,6 @@ import { Server } from "socket.io";
 import { readdirSync } from "fs"
 import { fork } from 'child_process';

-const csrfProtection = csrf({ cookie: true })
-
 const app = express();
 app.use(cors({
  origin: 'http://localhost:3000',
@@ -39,10 +37,9 @@ export const io = new Server(server);
 export const browserPool = new BrowserPool();

 app.use(bodyParser.json({ limit: '10mb' }))
-app.use(bodyParser.urlencoded({ extended: true, limit: '10mb', parameterLimit: 10000 }));
+app.use(bodyParser.urlencoded({ extended: true, limit: '10mb', parameterLimit: 9000 }));
 // parse cookies - "cookie" is true in csrfProtection
 app.use(cookieParser())
-app.use(csrfProtection)

 app.use('/record', record);
 app.use('/workflow', workflow);
@@ -62,24 +59,20 @@ readdirSync(path.join(__dirname, 'api')).forEach((r) => {
 });

 const workerProcess = fork(path.resolve(__dirname, './worker.ts'));
-workerProcess.on('message', (message) => {
-  console.log(`Message from worker: ${message}`);
-});
-workerProcess.on('error', (error) => {
-  console.error(`Error in worker: ${error}`);
-});
-workerProcess.on('exit', (code) => {
+ workerProcess.on('message', (message) => {
+   console.log(`Message from worker: ${message}`);
+ });
+ workerProcess.on('error', (error) => {
+   console.error(`Error in worker: ${error}`);
+ });
+ workerProcess.on('exit', (code) => {
  console.log(`Worker exited with code: ${code}`);
-});
+ });

 app.get('/', function (req, res) {
  return res.send('Maxun server started 🚀');
 });

-app.get('/csrf-token', (req, res) => {
-  res.json({ csrfToken: req.csrfToken() })
-})
-
 server.listen(SERVER_PORT, async () => {
  await connectDB();
  await syncDB();
--- a/src/context/auth.tsx
+++ b/src/context/auth.tsx
@@ -81,21 +81,7 @@ const AuthProvider = ({ children }: AuthProviderProps) => {
            return Promise.reject(error);
        }
    );
-
-    useEffect(() => {
-        const getCsrfToken = async () => {
-            try {
-                const { data } = await axios.get('http://localhost:8080/csrf-token');
-                if (data.csrfToken) {
-                    (axios.defaults.headers as any)['X-CSRF-TOKEN'] = data.csrfToken;
-                }
-            } catch (error) {
-                console.error('Error fetching CSRF token:', error);
-            }
-        };
-        getCsrfToken();
-    }, []);
-
+    
    return (
        <AuthContext.Provider value={{ state, dispatch }}>
            {children}