fix: 🐛 implemented XSRF token support

2021-03-01 10:36:45 +01:00 · 2021-03-01 10:36:45 +01:00 · 1ecfdafede
parent b50c124be1
commit 1ecfdafede
2 changed files with 20 additions and 1 deletions
--- a/lib/api.ts
+++ b/lib/api.ts
@ -1,5 +1,8 @@
 import { DateTime } from 'luxon'
 import { EventEmitter } from 'events'
+import { htmlDecode } from 'js-htmlencode'
+import { decode } from 'he'
+import * as html from 'node-html-parser'
 import {
  checkStatus,
  LoginStatusChecker,
@ -113,9 +116,23 @@ export class Api extends EventEmitter {
    return parse.user(data)
  }

+  parseXsrfToken(htmltext: string): string {
+    const doc = html.parse(decode(htmltext))
+    return doc.querySelector('input[name="__RequestVerificationToken"]').getAttribute('value') || ''
+  }
+
  async getChildren(): Promise<Child[]> {
    if (this.isFake) return fakeResponse(fake.children())

+    const hemResponse = await this.fetch('hemPage', routes.hemPage, this.session)
+    const xsrfToken = this.parseXsrfToken(await hemResponse.text())
+    if (this.session) {
+      this.session.headers = {
+        ...this.session.headers,
+        'X-XSRF-Token': xsrfToken
+      }
+    }
+
    const startBundleResponse = await this.fetch('startBundle', routes.startBundle, this.session)
    const startBundleText = await startBundleResponse.text()

--- a/lib/routes.ts
+++ b/lib/routes.ts
@ -48,4 +48,6 @@ export const cdn = 'https://etjanst.stockholm.se/vardnadshavare/base/cdn'

 export const auth = 'https://etjanst.stockholm.se/vardnadshavare/base/auth'

-export const startBundle = 'https://etjanst.stockholm.se/vardnadshavare/bundles/start'
+export const startBundle = 'https://etjanst.stockholm.se/vardnadshavare/bundles/start'
+
+export const hemPage = 'https://etjanst.stockholm.se/vardnadshavare/inloggad2/hem'