add set csrftoken cookie api (#48)

Author: h-ivy

packages/toolkits/pro/template/server/eggJs/app/controller/csrf.ts

@@ -0,0 +1,15 @@
+import { Controller } from 'egg';
+
+export default class EmployeeController extends Controller {
+  public async index() {
+    const { ctx } = this;
+
+    ctx.helper.commonJson(
+      ctx,
+      {
+        data: {}
+      },
+      200,
+    );
+  }
+}

packages/toolkits/pro/template/server/eggJs/app/router.ts

@@ -6,6 +6,9 @@ export default (app: Application) => {
   // todo: init database connect
   // router.post('/v1/database/init');
 
+  // Must be called before all other interfaces
+  router.get('/v1/setcsrf', controller.csrf.index);
+
   router.post('/v1/employee/getEmployee', controller.employee.getEmployee);
 
 };

packages/toolkits/pro/template/tinyvue/src/api/interceptor.ts

@@ -2,6 +2,10 @@ import axios, { AxiosRequestConfig, AxiosResponse } from 'axios';
 import { Modal } from '@opentiny/vue';
 import { getToken } from '@/utils/auth';
 
+export function setcsrf() {
+  return axios.get('/api/v1/setcsrf');
+}
+
 export interface HttpResponse<T = unknown> {
   status: number;
   msg: string;
@@ -22,6 +26,12 @@ axios.interceptors.request.use(
       }
       config.headers.Authorization = `Bearer ${token}`;
     }
+
+    const [, csrfToken] = /[;\s+]?csrfToken=([^;]*)/.exec(document.cookie) || [];
+    if (csrfToken) {
+      config.headers = { ...config.headers, 'x-csrf-token': csrfToken };
+    }
+
     return config;
   },
   (error) => {