Welcome Guest, Not a member yet? Register   Sign In
Community Auth Token Name
#11

(This post was last modified: 01-18-2018, 11:39 PM by skunkbad.)

(01-18-2018, 11:18 PM)reesethebeast Wrote: Skunkbad,

After some trial and error, I just decided to change all of my AJAX code to use token versus my_token. This seems to work, for the first submission.

In a previous forum post of mine you stated "Since using a token removes it from the array of tokens, if you are using AJAX then you need to pass back a new token, and apply it to the hidden form element. You get a new token with $this->tokens->token();".

I have a table of records and a delete button on each row. As the first deletion works and the subsequent clicks fails, this means the token was removed from the jar. So based on your statement, I should pass back a new token from the AJAX call in my JSON response and update (via JQuery) the current hidden form element to contain the new token value, correct?

Yes, so in your JavaScript, when you submit an AJAX POST, you will include the token, then in your response you will include a new token:

First you will usually have a token added to the form, either automatically with form_open or just by adding it manually. I'm hard coding in the value of this token, but you would add a real one (or let form_open do it for you):


Code:
<input type="hidden" id="token" value="2no3i5n2oi3" />


Then, you submit the token along with your AJAX request. Notice how the success function updates the token:

Code:
$.ajax({
  url: "/whatever",
  method: "post",
  datatype: "json",
  data: {
    "foo": "bar",
    "token": $("#token").val()
  },
  success: function(response){
    if( response.token ){
        $("#token").val( response.token );
    }
  }
});

In your controller you would check for the token, and always pass back a new token:

PHP Code:
if( $this->tokens->match )
{
  // do something ...

  echo json_encode([
    "token" => $this->tokens->token()
  ]);


That's really all there is to it
Reply


Messages In This Thread
Community Auth Token Name - by reesethebeast - 01-17-2018, 07:17 PM
RE: Community Auth Token Name - by skunkbad - 01-18-2018, 12:27 AM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 06:42 AM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 08:14 AM
RE: Community Auth Token Name - by skunkbad - 01-18-2018, 09:04 AM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 09:29 AM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 09:46 AM
RE: Community Auth Token Name - by skunkbad - 01-18-2018, 12:13 PM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 02:21 PM
RE: Community Auth Token Name - by reesethebeast - 01-18-2018, 11:18 PM
RE: Community Auth Token Name - by skunkbad - 01-18-2018, 11:38 PM
RE: Community Auth Token Name - by reesethebeast - 01-20-2018, 08:20 PM
RE: Community Auth Token Name - by skunkbad - 01-20-2018, 10:16 PM
RE: Community Auth Token Name - by reesethebeast - 01-21-2018, 06:17 AM
RE: Community Auth Token Name - by skunkbad - 01-21-2018, 10:51 AM



Theme © iAndrew 2016 - Forum software by © MyBB