diff options
Diffstat (limited to 'ext/bg/js')
-rw-r--r-- | ext/bg/js/ankiweb.js | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/ext/bg/js/ankiweb.js b/ext/bg/js/ankiweb.js index 6a45b9c5..69a1b44d 100644 --- a/ext/bg/js/ankiweb.js +++ b/ext/bg/js/ankiweb.js @@ -47,7 +47,8 @@ class AnkiWeb { const data = { data: JSON.stringify([fields, note.tags.join(' ')]), mid: model.id, - deck: note.deckName + deck: note.deckName, + csrf_token: info.token }; return AnkiWeb.loadAccountPage('https://ankiweb.net/edit/save', data, this.username, this.password); @@ -78,8 +79,8 @@ class AnkiWeb { return Promise.resolve(this.noteInfo); } - return AnkiWeb.scrape(this.username, this.password).then(({deckNames, models}) => { - this.noteInfo = {deckNames, models}; + return AnkiWeb.scrape(this.username, this.password).then(({deckNames, models, token}) => { + this.noteInfo = {deckNames, models, token}; return this.noteInfo; }); } @@ -100,8 +101,14 @@ class AnkiWeb { return Promise.reject('failed to scrape deck data'); } + const tokenMatch = /editor\.csrf_token = \'(.*)\';/.exec(response); + if (tokenMatch === null) { + return Promise.reject('failed to acquire csrf_token'); + } + const modelsJson = JSON.parse(modelsMatch[1]); const decksJson = JSON.parse(decksMatch[1]); + const token = tokenMatch[1]; const deckNames = Object.keys(decksJson).map(d => decksJson[d].name); const models = []; @@ -113,16 +120,16 @@ class AnkiWeb { }); } - return {deckNames, models}; + return {deckNames, models, token}; }); } - static login(username, password) { + static login(username, password, token) { if (username.length === 0 || password.length === 0) { return Promise.reject('login credentials not specified'); } - const data = {username, password, submitted: 1}; + const data = {username, password, csrf_token: token, submitted: 1}; return AnkiWeb.loadPage('https://ankiweb.net/account/login', data).then(response => { if (!response.includes('class="mitem"')) { return Promise.reject('failed to authenticate'); @@ -133,7 +140,12 @@ class AnkiWeb { static loadAccountPage(url, data, username, password) { return AnkiWeb.loadPage(url, data).then(response => { if (response.includes('name="password"')) { - return AnkiWeb.login(username, password).then(() => AnkiWeb.loadPage(url, data)); + const tokenMatch = /name="csrf_token" value="(.*)"/.exec(response); + if (tokenMatch === null) { + return Promise.reject('failed to acquire csrf_token'); + } + + return AnkiWeb.login(username, password, tokenMatch[1]).then(() => AnkiWeb.loadPage(url, data)); } else { return response; } |