Welcome Guest, Not a member yet? Register   Sign In
Community Auth Token Name
#11

(This post was last modified: 01-18-2018, 11:39 PM by skunkbad.)

(01-18-2018, 11:18 PM)reesethebeast Wrote: Skunkbad,

After some trial and error, I just decided to change all of my AJAX code to use token versus my_token. This seems to work, for the first submission.

In a previous forum post of mine you stated "Since using a token removes it from the array of tokens, if you are using AJAX then you need to pass back a new token, and apply it to the hidden form element. You get a new token with $this->tokens->token();".

I have a table of records and a delete button on each row. As the first deletion works and the subsequent clicks fails, this means the token was removed from the jar. So based on your statement, I should pass back a new token from the AJAX call in my JSON response and update (via JQuery) the current hidden form element to contain the new token value, correct?

Yes, so in your JavaScript, when you submit an AJAX POST, you will include the token, then in your response you will include a new token:

First you will usually have a token added to the form, either automatically with form_open or just by adding it manually. I'm hard coding in the value of this token, but you would add a real one (or let form_open do it for you):


Code:
<input type="hidden" id="token" value="2no3i5n2oi3" />


Then, you submit the token along with your AJAX request. Notice how the success function updates the token:

Code:
$.ajax({
  url: "/whatever",
  method: "post",
  datatype: "json",
  data: {
    "foo": "bar",
    "token": $("#token").val()
  },
  success: function(response){
    if( response.token ){
        $("#token").val( response.token );
    }
  }
});

In your controller you would check for the token, and always pass back a new token:

PHP Code:
if( $this->tokens->match )
{
  // do something ...

  echo json_encode([
    "token" => $this->tokens->token()
  ]);


That's really all there is to it
Reply
#12

(This post was last modified: 01-20-2018, 09:27 PM by reesethebeast.)

Thanks Skunkbad. I have the same code but it currently is not updating the hidden input field value. I modified the Auth form helper to include ID on the hidden token field as there was just name previously. This still did not do the trick but once I get this working I should be set.

Code:
$(document).ready(function(){
    $(document).on("click","#delete_bookmark",function(a){
        a.preventDefault();
        var b=$(this).attr("bookmark_id"),
        c=$(this).closest("tr"),
        d=$("input[name=token").val();

        $.ajax({type:"POST",
            url:"deletebkmark",
            data:{token:d,bookmarkid:b},
            dataType:"json",
            success:function(a){
                if (a.status == 'X')
                {
                    $("#token").val(a.new_token);
                    $("#list_count").html(a.count);
                    c.remove();
                }
                else
                {
                    alert("Error occurred. Please contact support.");
                }
            }
        })
    }),
})
Reply
#13

(01-20-2018, 08:20 PM)reesethebeast Wrote: Thanks Skunkbad. I have the same code but it currently is not updating the hidden input field value. I modified the Auth form helper to include ID on the hidden token field as there was just name previously. This still did not do the trick but once I get this working I should be set.

Code:
$(document).ready(function(){
    $(document).on("click","#delete_bookmark",function(a){
        a.preventDefault();
        var b=$(this).attr("bookmark_id"),
        c=$(this).closest("tr"),
        d=$("input[name=token").val();

        $.ajax({type:"POST",
            url:"deletebkmark",
            data:{token:d,bookmarkid:b},
            dataType:"json",
            success:function(a){
                if (a.status == 'X')
                {
                    $("#token").val(a.new_token);
                    $("#list_count").html(a.count);
                    c.remove();
                }
                else
                {
                    alert("Error occurred. Please contact support.");
                }
            }
        })
    }),
})

Any chance that the "a" var has some sort of conflict because you have 2 "a"s ?? One is on your click event, and the other is your AJAX response data.
Reply
#14

(01-20-2018, 10:16 PM)skunkbad Wrote:
(01-20-2018, 08:20 PM)reesethebeast Wrote: Thanks Skunkbad. I have the same code but it currently is not updating the hidden input field value. I modified the Auth form helper to include ID on the hidden token field as there was just name previously. This still did not do the trick but once I get this working I should be set.

Code:
$(document).ready(function(){
$(document).on("click","#delete_bookmark",function(a){
a.preventDefault();
var b=$(this).attr("bookmark_id"),
c=$(this).closest("tr"),
d=$("input[name=token").val();

$.ajax({type:"POST",
url:"deletebkmark",
data:{token:d,bookmarkid:b},
dataType:"json",
success:function(a){
if (a.status == 'X')
{
$("#token").val(a.new_token);
$("#list_count").html(a.count);
c.remove();
}
else
{
alert("Error occurred. Please contact support.");
}
}
})
}),
})

Any chance that the "a" var has some sort of conflict because you have 2 "a"s ?? One is on your click event, and the other is your AJAX response data.

Hmmm, wow, I guess that was it. Good catch. The JS minification changed the variable names. This is working now. Thanks for all of your help.
Reply
#15

I don't know what you're using for minification, but I've never had a problem with gulp-uglify.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB