diff --git a/front/src/components/audio/Player.vue b/front/src/components/audio/Player.vue
index 1296ecb9725fa1853045e8b537d3fc87e1e72d2e..a6d638995914a9b2ccd49ab44d1ba8aff5a222fe 100644
--- a/front/src/components/audio/Player.vue
+++ b/front/src/components/audio/Player.vue
@@ -436,7 +436,6 @@ export default {
param = "token"
value = this.$store.state.auth.scopedTokens.listen
}
- console.log('HELLO', param, value, this.$store.state.auth.scopedTokens)
sources.forEach(e => {
e.url = url.updateQueryString(e.url, param, value)
})
diff --git a/front/src/components/audio/SearchBar.vue b/front/src/components/audio/SearchBar.vue
index 60650c52eaf49df9d69a69f432b2849247d7e9bb..8df8b1826a9c1be278e0be56900ade40c94e3b5b 100644
--- a/front/src/components/audio/SearchBar.vue
+++ b/front/src/components/audio/SearchBar.vue
@@ -70,7 +70,10 @@ export default {
if (!self.$store.state.auth.authenticated) {
return xhrObject
}
- xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+
+ if (self.$store.state.auth.oauth.accessToken) {
+ xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+ }
return xhrObject
},
onResponse: function (initialResponse) {
diff --git a/front/src/components/library/FileUploadWidget.vue b/front/src/components/library/FileUploadWidget.vue
index 7557d61e41659cefb29f19a6b25bd76b98f4b409..c91916c03795b774ef26233d41d982e178af9727 100644
--- a/front/src/components/library/FileUploadWidget.vue
+++ b/front/src/components/library/FileUploadWidget.vue
@@ -1,5 +1,6 @@
<script>
import FileUpload from 'vue-upload-component'
+import {setCsrf} from '@/utils'
export default {
extends: FileUpload,
@@ -32,7 +33,10 @@ export default {
form.append(this.name, file.file, filename)
let xhr = new XMLHttpRequest()
xhr.open('POST', file.postAction)
- xhr.setRequestHeader('Authorization', this.$store.getters['auth/header'])
+ setCsrf(xhr)
+ if (this.$store.state.auth.oauth.accessToken) {
+ xhr.setRequestHeader('Authorization', this.$store.getters['auth/header'])
+ }
return this.uploadXhr(xhr, file, form)
}
}
diff --git a/front/src/components/library/TagsSelector.vue b/front/src/components/library/TagsSelector.vue
index 87a40401e8ba2542166e2a1a1f02a8f579159303..5b2fa0c96e7c9d333a42cc15e213de683987eea1 100644
--- a/front/src/components/library/TagsSelector.vue
+++ b/front/src/components/library/TagsSelector.vue
@@ -39,7 +39,10 @@ export default {
apiSettings: {
url: this.$store.getters['instance/absoluteUrl']('/api/v1/tags/?name__startswith={query}&ordering=length&page_size=5'),
beforeXHR: function (xhrObject) {
- xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+
+ if (self.$store.state.auth.oauth.accessToken) {
+ xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+ }
return xhrObject
},
onResponse(response) {
diff --git a/front/src/components/library/radios/Filter.vue b/front/src/components/library/radios/Filter.vue
index 9830d870dd9413864afbbcc45da7b9ac73e40b97..d871d8867699bbcc62124a600141b9cae89b7903 100644
--- a/front/src/components/library/radios/Filter.vue
+++ b/front/src/components/library/radios/Filter.vue
@@ -114,7 +114,9 @@ export default {
settings.apiSettings = {
url: self.$store.getters['instance/absoluteUrl'](f.autocomplete + '?' + f.autocomplete_qs),
beforeXHR: function (xhrObject) {
- xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+ if (self.$store.state.auth.oauth.accessToken) {
+ xhrObject.setRequestHeader('Authorization', self.$store.getters['auth/header'])
+ }
return xhrObject
},
onResponse: function (initialResponse) {
diff --git a/front/src/utils.js b/front/src/utils.js
index ad763fe004da937e3ab614ad9622dd1fda3af5d1..50d308288350d6131fb3df40b326910713afedee 100644
--- a/front/src/utils.js
+++ b/front/src/utils.js
@@ -33,3 +33,15 @@ export function parseAPIErrors(responseData, parentField) {
}
return errors
}
+
+export function getCookie(name) {
+ return document.cookie
+ .split('; ')
+ .find(row => row.startsWith(name))
+ .split('=')[1];
+}
+export function setCsrf(xhr) {
+ if (getCookie('csrftoken')) {
+ xhr.setRequestHeader('X-CSRFToken', getCookie('csrftoken'))
+ }
+}