Invalid CSRF token error for protected REST requests
blushi opened this issue · comments
Describe the bug
As part of #2196, we've fixed the invalid CSRF token error for graphql requests but it can still happen for CSRF protected REST requests.
To Reproduce
- Go to https://dev.app.regen.network/ and login
- Open up https://dev.app.regen.network/ in another tab
- Go back to the initial tab and try to logout, this will fail with the invalid CSRF token error.
Expected behavior
In this case, we should probably refetch the CSRF token and retry, similarly to what we've done in our Apollo client.
Additional context
More explanation about the initial issue here: #2085 (comment)
For Admin Use
- Not duplicate issue
- Appropriate labels and zenhub epics applied
- Appropriate contributors tagged
Hey team! Please add your planning poker estimate with Zenhub @blushi @flagrede
@blushi Actually wanted to put 3 for this one, there's a lot of testing involved, on top of the implementation, to ensure everything is working well.
sounds good