search

hermawanramadhan / CodeIgniter4-DataTables

MIT License
92 stars 38 forks source link

Post Method with CRSF Regenerate true #35

Open reactmore opened 1 year ago

reactmore commented 1 year ago

is it possible to Send a response with a csrf token so that it can be obtained in the ajax process? or is there another way of implementing

     /**
     * --------------------------------------------------------------------------
     * CSRF Regenerate
     * --------------------------------------------------------------------------
     *
     * Regenerate CSRF Token on every submission.
     */
    public bool $regenerate = true;
public function toJson($returnAsObject = NULL)
    {

        if(! Request::get('draw'))
        {
            return self::throwError('no datatable request detected');
        }

        if($returnAsObject !== NULL) 
            $this->columnDefs->returnAsObject($returnAsObject);

        $this->query->setColumnDefs($this->columnDefs);

        $response = Services::response();

        $callback = [
            'draw'              => Request::get('draw'),
            'recordsTotal'      => $this->query->countAll(),
            'recordsFiltered'   => $this->query->countFiltered(),
            'data'              => $this->query->getDataResult(),

        ];

        $csrf_name = csrf_token();
        $csrf_hash = csrf_hash();
        $callback[$csrf_name] = $csrf_hash;

        return $response->setJSON($callback);
    }
var serversidetable = $('#' + id).DataTable({
            processing: true,
            serverSide: true,
            ajax: {
                "url": url,
                "data": function (data) {
                    data.app_csrf_token = $('input[name=app_csrf_token]').val() //function bridge token view to controller (required)
                },
                "dataSrc": function (response) {
                    $('input[name=app_csrf_token]').val(response.app_csrf_token); //dataSrc for random request token char (required)
                    return response.data;
                },
                "method": 'POST'
            },
            "responsive": true,
            "lengthChange": true,
            "autoWidth": false,
            "aLengthMenu": [[15, 30, 60, 100], [15, 30, 60, 100, "All"]]
        });
zulyantara commented 1 year ago

sebenernya csrf true/false, returnnya tetap menampilkan csrf gak ada masalah, bagusnya di variabel $callback langsung tambahkan 'csrf_token => csrf_hash(),