84 lines
2.3 KiB
TypeScript
84 lines
2.3 KiB
TypeScript
import { z } from 'zod'
|
|
|
|
let csrfToken: string | null = null
|
|
|
|
// Called once on app bootstrap. Fetches the CSRF token and sets the cookie.
|
|
export async function bootstrapCSRF(): Promise<void> {
|
|
const res = await fetch('/api/v1/csrf', { credentials: 'include' })
|
|
if (!res.ok) return
|
|
const data = await res.json()
|
|
if (typeof data.token === 'string') {
|
|
csrfToken = data.token
|
|
}
|
|
}
|
|
|
|
export async function getCSRFToken(): Promise<string> {
|
|
if (csrfToken) return csrfToken
|
|
await bootstrapCSRF()
|
|
return csrfToken ?? ''
|
|
}
|
|
|
|
export class ApiError extends Error {
|
|
readonly status: number
|
|
|
|
constructor(status: number, message: string) {
|
|
super(message)
|
|
this.name = 'ApiError'
|
|
this.status = status
|
|
}
|
|
}
|
|
|
|
interface RequestOptions extends RequestInit {
|
|
json?: unknown
|
|
}
|
|
|
|
async function request<T>(
|
|
path: string,
|
|
schema: z.ZodType<T>,
|
|
options: RequestOptions = {},
|
|
): Promise<T> {
|
|
const { json, ...rest } = options
|
|
const headers: Record<string, string> = {}
|
|
|
|
if (json !== undefined) {
|
|
headers['Content-Type'] = 'application/json'
|
|
}
|
|
|
|
const method = (rest.method ?? 'GET').toUpperCase()
|
|
if (['POST', 'PUT', 'PATCH', 'DELETE'].includes(method)) {
|
|
headers['X-CSRF-Token'] = await getCSRFToken()
|
|
}
|
|
|
|
const res = await fetch(path, {
|
|
...rest,
|
|
credentials: 'include',
|
|
headers: { ...headers, ...(rest.headers as Record<string, string> | undefined) },
|
|
body: json !== undefined ? JSON.stringify(json) : rest.body,
|
|
})
|
|
|
|
if (!res.ok) {
|
|
let message = res.statusText
|
|
try {
|
|
const body = await res.json()
|
|
if (typeof body.error === 'string') message = body.error
|
|
} catch {}
|
|
throw new ApiError(res.status, message)
|
|
}
|
|
|
|
if (res.status === 204) return schema.parse(null)
|
|
const data = await res.json()
|
|
return schema.parse(data)
|
|
}
|
|
|
|
export const api = {
|
|
get: <T>(path: string, schema: z.ZodType<T>) => request(path, schema),
|
|
post: <T>(path: string, schema: z.ZodType<T>, body: unknown) =>
|
|
request(path, schema, { method: 'POST', json: body }),
|
|
put: <T>(path: string, schema: z.ZodType<T>, body: unknown) =>
|
|
request(path, schema, { method: 'PUT', json: body }),
|
|
patch: <T>(path: string, schema: z.ZodType<T>, body: unknown) =>
|
|
request(path, schema, { method: 'PATCH', json: body }),
|
|
delete: <T>(path: string, schema: z.ZodType<T>) =>
|
|
request(path, schema, { method: 'DELETE' }),
|
|
}
|