From 9983261d4f9004faa2916987c95d86f8562460f8 Mon Sep 17 00:00:00 2001
From: richie
Date: Wed, 18 May 2016 22:53:01 -0700
Subject: [PATCH] Send Rails CSRF Token with swagger-ui requests
---
 app/views/swagger_rails/swagger_ui/index.html.erb | 8 ++++++++
 .../swagger_rails/custom_ui/files/index.html.erb | 8 ++++++++
 2 files changed, 16 insertions(+)
diff --git a/app/views/swagger_rails/swagger_ui/index.html.erb b/app/views/swagger_rails/swagger_ui/index.html.erb
index 173de52..7f5f7e8 100644
--- a/app/views/swagger_rails/swagger_ui/index.html.erb
+++ b/app/views/swagger_rails/swagger_ui/index.html.erb
@@ -64,6 +64,14 @@
 });
 addApiKeyAuthorization();
+
+ // Send Rails CSRF Token with every request
+ var csrfToken = new SwaggerClient.ApiKeyAuthorization(
+ 'X-CSRF-Token',
+ '<%= form_authenticity_token %>',
+ 'header'
+ );
+ swaggerUi.api.clientAuthorizations.add('csrf-token', csrfToken);
 },
 onFailure: function(data) {
 log("Unable to Load SwaggerUI");
diff --git a/lib/generators/swagger_rails/custom_ui/files/index.html.erb b/lib/generators/swagger_rails/custom_ui/files/index.html.erb
index c281bec..302d46a 100644
--- a/lib/generators/swagger_rails/custom_ui/files/index.html.erb
+++ b/lib/generators/swagger_rails/custom_ui/files/index.html.erb
@@ -64,6 +64,14 @@
 });
 addApiKeyAuthorization();
+
+ // Send Rails CSRF Token with every request
+ var csrfToken = new SwaggerClient.ApiKeyAuthorization(
+ 'X-CSRF-Token',
+ '<%= form_authenticity_token %>',
+ 'header'
+ );
+ swaggerUi.api.clientAuthorizations.add('csrf-token', csrfToken);
 },
 onFailure: function(data) {
 log("Unable to Load SwaggerUI");
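Review bot: The `X-CSRF-Token` authorization registered after `addApiKeyAuthorization()` is added to `clientAuthorizations` unconditionally, so as far as the hunk shows it is attached to every request the Swagger client makes, not only to requests aimed at the Rails app that issued the token. If this UI can be pointed at a spec or API host on another origin (not visible here), the session's CSRF token would be disclosed to that host; consider registering it only when the target is same-origin, and at least state the scope in the comment, e.g. `// Send Rails CSRF token with every request; only safe while all API calls stay on this origin`. The token is also interpolated straight into a JavaScript string literal, and `'<%= j form_authenticity_token %>'` would keep that literal well-formed even if the token format ever changes. The same lines are added to `lib/generators/swagger_rails/custom_ui/files/index.html.erb` in the second hunk, and the enclosing callback begins outside both hunks.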