diff --git a/src/fellchensammlung/static/fellchensammlung/js/adoption-notice-form.js b/src/fellchensammlung/static/fellchensammlung/js/adoption-notice-form.js
index 90437fc..efba993 100644
--- a/src/fellchensammlung/static/fellchensammlung/js/adoption-notice-form.js
+++ b/src/fellchensammlung/static/fellchensammlung/js/adoption-notice-form.js
@@ -1,3 +1,19 @@
+function getCookie(name) {
+ let cookieValue = null;
+ if (document.cookie && document.cookie !== '') {
+ const cookies = document.cookie.split(';');
+ for (let i = 0; i < cookies.length; i++) {
+ const cookie = cookies[i].trim();
+ // Does this cookie string begin with the name we want?
+ if (cookie.substring(0, name.length + 1) === (name + '=')) {
+ cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+ break;
+ }
+ }
+ }
+ return cookieValue;
+}
+
 document.addEventListener('DOMContentLoaded', function () {
 // ------------------------------------------------ functions
 var show = function (elem) {
@@ -366,12 +382,13 @@ document.addEventListener('DOMContentLoaded', function () {
 const xhttp = new XMLHttpRequest();
 xhttp.onload = function () {
- if (xhttp.status == 200) {
+ if (xhttp.status === 201) {
 console.log(this.responseText);
 } else {
 console.log("Error while posting data!");
 }
 }
+ const csrftoken = getCookie('csrftoken');
 let data = JSON.stringify({
 "created_at": postDate,
 "searching_since": an_searching_since.value,
@@ -382,7 +399,7 @@ document.addEventListener('DOMContentLoaded', function () {
 "location_string": an_location_string.value,
 });
 xhttp.open("POST", path + "/api/adoption_notice");
- xhttp.setRequestHeader('Authorization', 'Token b1269a0185a6306b64c01d9f19153bfda312e540');
+ xhttp.setRequestHeader("X-CSRFToken", csrftoken);
 xhttp.setRequestHeader('content-type', 'application/json');
 xhttp.send(data);
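Review bot: getCookie in the first hunk has no doc comment, although the caller added later in this commit depends on its contract: it returns `null` whenever `document.cookie` has no entry with the requested name. I would add `/** Returns the decoded value of the named cookie, or null when document.cookie has no such entry. */` above the function. The comment should also mention that `decodeURIComponent` throws a URIError on a malformed percent-escape, since the function does not catch it.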
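Review bot: The result of `getCookie('csrftoken')` in the second hunk is used without a null check, so when the cookie is not readable from script the `X-CSRFToken` header set in the third hunk carries the string "null" and the POST will presumably be rejected. If this is a Django backend, as the cookie and header names suggest, that happens when the project enables CSRF_COOKIE_HTTPONLY or CSRF_USE_SESSIONS; neither setting is visible in this diff. A guard directly after the assignment, for example `if (csrftoken === null) { console.log("CSRF cookie missing"); return; }`, would make that failure explicit. The else branch of `onload` could also log `xhttp.status`, so that a 403 from the CSRF check can be told apart from other errors. The enclosing handler starts and ends outside the hunk, so whether an early `return` fits there needs checking.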
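Review bot: Removing the hard-coded `Authorization` token header in the third hunk does not invalidate the token. It was served in this static script to every browser that loaded the page, and it stays in the repository history. The token should be revoked or rotated on the server as part of this change, and recent API activity under it reviewed for requests that did not come from the form. It is also worth confirming that `/api/adoption_notice` now authenticates through the session and enforces the CSRF check, because the `X-CSRFToken` header only protects requests made under cookie-based authentication.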