nhcarrigan/library
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 54 Actions Releases 3 Activity
Files
0a654f423ab632ab9f4d953e38e7edb52f911e77
library/apps/frontend/src/app/services/api.service.ts
T
naomi 0a654f423a feat: security and auditing
2026-02-04 16:48:08 -08:00

89 lines
2.2 KiB
TypeScript
Raw Blame History

/**
* @copyright 2026 NHCarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
import { Injectable, signal, inject } from '@angular/core';
import { HttpClient, HttpHeaders } from '@angular/common/http';
import { Observable, switchMap, tap, of } from 'rxjs';
import { environment } from '../../environments/environment';
interface CsrfTokenResponse {
csrfToken: string;
}
@Injectable({
providedIn: 'root'
})
export class ApiService {
private http = inject(HttpClient);
private readonly apiUrl = environment.apiUrl;
private csrfToken = signal<string | null>(null);
private getHeaders(): HttpHeaders {
const headers: Record<string, string> = {
'Content-Type': 'application/json'
};
const token = this.csrfToken();
if (token) {
headers['X-CSRF-Token'] = token;
}
return new HttpHeaders(headers);
}
private ensureCsrfToken(): Observable<string> {
const existingToken = this.csrfToken();
if (existingToken) {
return of(existingToken);
}
return this.http.get<CsrfTokenResponse>(`${this.apiUrl}/auth/csrf-token`, {
withCredentials: true
}).pipe(
tap(response => this.csrfToken.set(response.csrfToken)),
switchMap(response => of(response.csrfToken))
);
}
get<T>(endpoint: string): Observable<T> {
return this.http.get<T>(`${this.apiUrl}${endpoint}`, {
headers: this.getHeaders(),
withCredentials: true
});
}
post<T>(endpoint: string, body: unknown): Observable<T> {
return this.ensureCsrfToken().pipe(
switchMap(() => this.http.post<T>(`${this.apiUrl}${endpoint}`, body, {
headers: this.getHeaders(),
withCredentials: true
}))
);
}
put<T>(endpoint: string, body: unknown): Observable<T> {
return this.ensureCsrfToken().pipe(
switchMap(() => this.http.put<T>(`${this.apiUrl}${endpoint}`, body, {
headers: this.getHeaders(),
withCredentials: true
}))
);
}
delete<T>(endpoint: string): Observable<T> {
return this.ensureCsrfToken().pipe(
switchMap(() => this.http.delete<T>(`${this.apiUrl}${endpoint}`, {
headers: this.getHeaders(),
withCredentials: true
}))
);
}
clearCsrfToken(): void {
this.csrfToken.set(null);
}
}
Reference in New Issue View Git Blame Copy Permalink