Invalid CSRF token error for protected REST requests

Question

Invalid CSRF token error for protected REST requests

blushi opened this issue 7 months ago · comments

Describe the bug
As part of #2196, we've fixed the invalid CSRF token error for graphql requests but it can still happen for CSRF protected REST requests.

To Reproduce

Go to https://dev.app.regen.network/ and login
Open up https://dev.app.regen.network/ in another tab
Go back to the initial tab and try to logout, this will fail with the invalid CSRF token error.

Expected behavior
In this case, we should probably refetch the CSRF token and retry, similarly to what we've done in our Apollo client.

Additional context
More explanation about the initial issue here: #2085 (comment)

For Admin Use

Not duplicate issue
Appropriate labels and zenhub epics applied
Appropriate contributors tagged

Marie Gauthier · Answer 1 · Mon Dec 04 2023 23:13:20 GMT+0800 (China Standard Time)

Hey team! Please add your planning poker estimate with Zenhub @blushi @flagrede

Florent Lagrede · Answer 2 · Tue Dec 05 2023 23:11:12 GMT+0800 (China Standard Time)

@blushi Actually wanted to put 3 for this one, there's a lot of testing involved, on top of the implementation, to ensure everything is working well.

Marie Gauthier · Answer 3 · Tue Dec 05 2023 23:13:29 GMT+0800 (China Standard Time)

sounds good