Blog>
Snippets

Updating CSRF Tokens in Angular with WebSockets

Explain how to update CSRF tokens in real-time in an Angular application when using WebSockets for data communication.
import { Injectable } from '@angular/core';
import { HttpClient, HttpHeaders } from '@angular/common/http';

@Injectable({
  providedIn: 'root'
})
export class CsrfService {
  private csrfToken: string;

  constructor(private http: HttpClient) {}

  // Update the CSRF token
  updateCsrfToken(newToken: string): void {
    this.csrfToken = newToken;
  }

  // Get the current CSRF token
  getCsrfToken(): string {
    return this.csrfToken;
  }
}
This is a service in Angular that is responsible for handling CSRF token update and retrieval. It has a method to update the token and another to retrieve the current token.
import { webSocket } from 'rxjs/webSocket';
import { CsrfService } from './csrf.service';

const socket$ = webSocket('wss://your-websocket-endpoint');

socket$.subscribe(
  msg => {
    if (msg.csrfToken) {
      this.csrfService.updateCsrfToken(msg.csrfToken);
    }
  },
  err => console.error(err),
  () => console.log('complete')
);
This piece of code creates a WebSocket connection using RxJS's webSocket function. It subscribes to messages coming from the WebSocket and updates the CSRF token when a new one is received.
import { HttpHeaders } from '@angular/common/http';
import { CsrfService } from './csrf.service';

// Using CSRF token in HTTP request headers

let headers = new HttpHeaders({
  'X-CSRF-Token': this.csrfService.getCsrfToken()
});

// Now you can append headers to your HTTP requests
// this.http.get('/api/endpoint', { headers: headers });
This code shows how to include the CSRF token in the HTTP request headers using the 'X-CSRF-Token' custom header field. The 'CsrfService' is used to retrieve the latest token.