-
-
Save there4/3366771 to your computer and use it in GitHub Desktop.
Rewriting backbone.sync for rails CSRF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(function($) { | |
var methodMap = { | |
'create': 'POST', | |
'update': 'PUT', | |
'delete': 'DELETE', | |
'read' : 'GET' | |
}; | |
var getUrl = function(object) { | |
if (!(object && object.url)) return null; | |
return _.isFunction(object.url) ? object.url() : object.url; | |
}; | |
var urlError = function() { | |
throw new Error("A 'url' property or function must be specified"); | |
}; | |
Backbone.sync = function(method, model, options) { | |
var type = methodMap[method]; | |
// Default JSON-request options. | |
var params = _.extend({ | |
type: type, | |
dataType: 'json', | |
beforeSend: function( xhr ) { | |
var token = $('meta[name="csrf-token"]').attr('content'); | |
if (token) xhr.setRequestHeader('X-CSRF-Token', token); | |
model.trigger('sync:start'); | |
} | |
}, options); | |
if (!params.url) { | |
params.url = getUrl(model) || urlError(); | |
} | |
// Ensure that we have the appropriate request data. | |
if (!params.data && model && (method == 'create' || method == 'update')) { | |
params.contentType = 'application/json'; | |
var data = {} | |
if(model.paramRoot) { | |
data[model.paramRoot] = model.toJSON(); | |
} else { | |
data = model.toJSON(); | |
} | |
params.data = JSON.stringify(data) | |
} | |
// Don't process data on a non-GET request. | |
if (params.type !== 'GET') { | |
params.processData = false; | |
} | |
// Trigger the sync end event | |
var complete = options.complete; | |
params.complete = function(jqXHR, textStatus) { | |
model.trigger('sync:end'); | |
if (complete) complete(jqXHR, textStatus); | |
}; | |
// Make the request. | |
return $.ajax(params); | |
} | |
})(jQuery); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment