When a user is logged in, he can perform a search with a small form. This is an AJAX request to a controller. I can perform this action multiple times. However, when I try to reload the page, the user is logged out and needs to be logged in again.
This is my JS:
var CFG = {
url: '<?php echo $this->config->item('base_url'); ?>',
token: '<?php echo $this->security->get_csrf_hash(); ?>'
};
$(function()
{
$('#personen_search_result').hide();
$('#search_alert').hide();
$.ajaxSetup(
{
data:
{
token:CFG.token
}
});
$(document).ajaxSuccess(function(e,x)
{
var result = $.parseJSON(x.responseText);
$('input:hidden[name="token"]').val(result.token);
$.ajaxSetup(
{
data:
{
token: result.token
}
});
});
$( "#submit_personen" ).click(function(event)
{
event.preventDefault();
var namelast = $('#namelast').val();
var dateofbirth = $('#dateofbirth').val();
var rijksregisternr = $('#rijksregisternr').val();
var email = $('#email').val();
var hosid = <?php echo $this->session->hosid; ?>;
$.ajaxSetup(
{
data:
{
nameLast: namelast,
dateofBirth: dateofbirth,
rijksregisterNr: rijksregisternr,
email: email,
hosid: hosid
}
});
$('#table_personen').html("");
$('#search_alert').html("").hide();
$.post(CFG.url + 'persoon/js_retrieve', function(data)
{
if(data['status'] == 200)
{
var personenrows = data['html'];
$('#table_personen').append (personenrows);
if (!$('#personen_search_result').is(':visible'))
$('#personen_search_result').slideToggle();
}
else if (data['status'] == 400)
{
var message = data['html'];
$('#search_alert').append(message);
if (!$('#search_alert').is(':visible'))
$('#search_alert').slideToggle();
}
}, 'json');
});
});
And this is my controller:
public function js_retrieve()
{
// Data preperations
// Query Builder
if ($result->num_rows() == 0)
{
// No result: error message
$data['html'] = '<span class="alert">Geen personen gevonden.</span>';
$data['status'] = 400;
}
else
{
// Good result, show list in table
// table header
$html = '<thead class="thead-light"><tr><th>Naam</th>th>Voornaam</th><th>Geboortedatum</th><th>Rijksregister</th><th>status</th></tr><tbody>';
// create rows
foreach ($result->result_array() as $row)
{
$html .=
'<tr>/
<td><a href="'. base_url( 'persoon/detail/' .$row['id'] ) .'">' . $row['NameLast'] .', '. $row['NameFirst'] . '</a></td>/
<td>' . $row['DateofBirth'] . '</td>/
<td>' . $row['RijksRegisterNumber'] . '</td>/
<td>' . $row['Status'] . '</td></tr>';
}
// close body
$data['html'] = $html . '</tbody>';
// status
$data['status'] = 200;
}
// Set CSRF token hash & headers
$data['oldtoken'] = $this->input->post('token');
$data['token'] = $this->security->get_csrf_hash();
if (!headers_sent())
{
header('Cache-Control: no-cache, must-revalidate');
header('Expires: ' . date('r'));
header('Content-type: application/json');
}
// return result
exit( json_encode($data , JSON_FORCE_OBJECT) );
}
Anyone that can give me some guidance?
PS: These are my configs:
$config['csrf_token_name'] = 'token';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = FALSE;
$config['csrf_exclude_uris'] = array();